newyear.lugansk.info Open in urlscan Pro
2a02:4780:b:1237:0:2b88:1f42:7 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://newyear.lugansk.info/
Submission Tags: phishingrod
Submission: On October 16 via api (October 16th 2023, 1:14:37 pm UTC) from DE — Scanned from DE

Summary HTTP 94 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 19 domains to perform 94 HTTP transactions. The main IP is 2a02:4780:b:1237:0:2b88:1f42:7, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is newyear.lugansk.info.

This is the only time newyear.lugansk.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:4780:b:1... 2a02:4780:b:1237:0:2b88:1f42:7	47583 (AS-HOSTINGER) (AS-HOSTINGER)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.124.150 52.57.124.150	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	18.158.5.115 18.158.5.115	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:5a14:618c:2256:ed23	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
94	25

2 2a02:4780:b:1237:0:2b88:1f42:7 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

newyear.lugansk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.124.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.5.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:5a14:618c:2256:ed23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	342 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	469 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	81 KB
7	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658 dis.criteo.com — Cisco Umbrella Rank: 648	94 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	46 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 9006	19 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	70 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	lugansk.info newyear.lugansk.info	6 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 913	392 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	759 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	465 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	605 B
94	19

	Domain	Requested by
14	static.criteo.net	ads.eu.criteo.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	imageproxy.eu.criteo.net	ads.eu.criteo.com
10	pagead2.googlesyndication.com	newyear.lugansk.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net newyear.lugansk.info
7	mc.yandex.com	3 redirects newyear.lugansk.info
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	top-fwz1.mail.ru	newyear.lugansk.info top-fwz1.mail.ru
3	mc.yandex.ru	2 redirects newyear.lugansk.info
2	fonts.gstatic.com	fonts.googleapis.com
2	pm.w55c.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	newyear.lugansk.info	newyear.lugansk.info
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
94	28

This site contains links to these domains. Also see Links.

Domain
lugansk.info
news.lugansk.info
lugansk.news

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://newyear.lugansk.info/
Frame ID: C6D940E5D5C27BEDBC914DA58F5B5B7E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 60C6928BF2F4EF741FB870FD39FA293E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&adk=1812271804&adf=3025194257&lmt=1697454873&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnewyear.lugansk.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&dt=1697462073088&bpp=19&bdt=139&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4046222780575&frm=20&pv=2&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: 65EB58CA5B45DF79C784E6CD142E5193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=4848637738&adk=2983699537&adf=2653041513&pi=t.ma~as.4848637738&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073108&bpp=2&bdt=159&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=7&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PD3FIRApN0&p=http%3A//newyear.lugansk.info&dtd=195
Frame ID: 332B1FD5C8A3A8931406943766004F35
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=6900086002&adk=1664686155&adf=2361101864&pi=t.ma~as.6900086002&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073110&bpp=11&bdt=162&idt=195&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cBYY4VfV6J&p=http%3A//newyear.lugansk.info&dtd=197
Frame ID: 1518C36D58C29F97494330F3FC7DD421
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFEIwGUIlxAAuR_Uw623EntalZgVZ3Og&u=%7CXYR7Mw9k%2FDkZ3ydrMXng9GSkFldETujgWr8mFY0M8IY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFXZlaWLsrGHuy8FXXKm2_D-cBSkWrUF3rmVk7_Leif3YjWKBbAxEsbA2KDQ0CCsT0sW4nMLTm_UPmHDGMU3d0IYEXxkfczo6VU4GQjISn3MYAV2_T9BpIj78EYowWjsAK5oYET7Q-TRNQoEu9GC8xEnFCPzpLpEaBRXHompS7ld8J89J6f8Xs66riRmxet3SEq1dpIKKAKf6fTKd3lPpm6BeZ8Or5nCH7tmXpRLOyVjD3eIM2_p4iPxxJ1HpY7yh2o-zFhG8fLdJlytaQfD8gMe4vTdkkEHdlXneQPW0v_2r2Lq5erEBWozPdX-eo-FVe-Idsu1Nyqv4oTiu8VmpY-tl-VxvW2cZVYroj7eWDumpCpNWGlO0IJfZUpcX4MsXHgG0VdrofxdGi5dc7gjEN6yBurisv7QSlMtZGoOuBAMS-ow5dqBYMIdUTOTv7F--Ot1ptuWCIkf8Z6HQw5yl12_s6W_By9Qpi9YjNIKfSNFmXy3U2rIN-ZC0oIstdZ5y9e4aNxdDKhyAd-g2ZBGjm8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCroLHOTctZYyhFPGSwuIP_aOu6AfJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcyMzg0MTE4NTM5OTA5ODDIAQmpAt71OhnkobE-qAMByAMCqgT0AU_Q5clsER3ZY2NwfgqHMzVCNeEIHOtb8p_8dmwQTt_WCeffK3kdQw-Wvd6384KxdoBjLEMI7vxY7RU9Rb0L0K7BhPOVVRxQH5E__wTaykQQW7jPLf0Gwhkze0beX7Ct5Zklxg8OjZAO-wt9qPKbSWe68B-HuQ4X5uQBJNTlJqFPjY7rnm5nj0ufrDbQ2nDCtKsMjSOHeiHtfuRh_gtbRue7sU2MYpTyIKdwo_XMjdRo3hfL8mtkQ6aZjyDForznyocl20ObZzYtP2xa_qHOWKJ8zCydabGVl0OvXImSbivYQnTe1tK-vJGam-uq4vQOGaslBlaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_-o39ZUTfMkXxTnK7sTd6rhW89A%26client%3Dca-pub-7238411853990980%26adurl%3D
Frame ID: A6AD066EC4C943B19713614E2ED7C658
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFCecK7ePWAAQgG4GpCL_qEWdt5t-rNg&u=%7CXYR7Mw9k%2FDmpIr9Jp8bzKxTX6hLNP4E%2FvBHhnMxVT8E%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWilZoHyu9sOwlkp3Bog0bEHJgsP1BEyeuI_JcnKd2KtjsvGj8B7P3a4fQmoewzS7FofzGJFjZ0U2x9w9cMsRoyN2UwOcj9j3e6QZH0DPMN9kxAb5zvrUSLv8GC9ZyMIQJvMNy57nLUAclzXZGDmNCGls6HMbMQVCI0WGoddj6cc494KwYj4jeiZm7v0VDnCjSM90rO6Ryj14BtAEKFMStoCt_5kfENoEbpNNVxDdQUake2gNBQ0ooU_MtB0Hmklpm2RrDctzyY1xUQhZthjnpa1Ey0aaxQA4ShSsi3-bPMtSb-q2dAbpyXSHAPuMRl2DFZ0mvMm-oVgoBK-PEdOTwGR0F3KY8d-rhnTv5d7K5m04ImC1jeBq1uQnpLeMOSK8y3zWc7w63XfZ2GA1Pq_t8vh4wYY_IwPLI9qq7EWBp2KEFrpPmbsGqrksMntW_kjnpVp8MCtbAqFnk2OnCQiBF8UyKQFqmYikg2k7TdoQeyabTbwdcshnAGxOee0Delqjrl4dxISMDuMbsLFCOKY-Kl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuFxiOTctZeeTFNbHtwebwJCIBMme0rFc9Z2Y93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzIzODQxMTg1Mzk5MDk4MMgBCakC3vU6GeShsT6oAwHIAwKqBO4BT9DIUrdZQD153udmgNgeJtbuC-Q2JKoy8U4UNRDXijx0lZE89TWgN6HhsmIuP6e_-feXv0BZyKQpkKHM2V0hG2evAg1EW_jbyb0mEwR5a-k_L9CLoysUPIj2PiigCF78CjafduHXUW6BdIZ6r7qxUCL9qL_Z7oLi2Hqg-z4P1lyyqNdHho4rAdvFyrivi3oPey-CkR8FPiBaH082Py4-KPTvwJN05e55I_DB-abxNWu0SjCNiyy1c2t_RBN02iTCdOTwmUxtOHlUXNBE8_7tL321y3cCgQC5ujJyMAF2P5eO_Sg-kuDcq3e0cY0rNIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0-rTODhDgRHY0x2J3jWHGKQFCrFw%26client%3Dca-pub-7238411853990980%26adurl%3D
Frame ID: 74965399BC801EF607BA7052FE3668A9
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4
Frame ID: 5E8A64BE0A20B8B8EC0A31C893567630
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4AEBE4EC6DB352171757E7DF05C9D37
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: AD9227B77714D132AE92DA117D425B9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA1471868A3A9C2F4C08AE399C74DDB4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB0610DC965DEEEEC88A8D3426A364B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Луганск.info : Новый год, новогодние подарки, новогодние праздники. Новости Луганска и Луганской области. Новости Донбасса. Луганск, Донбасс, Украина. Новини Луганськ, Донбас, Україна. News Lugansk Donbass Ukraine

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

94
Requests

91 %
HTTPS

74 %
IPv6

19
Domains

28
Subdomains

25
IPs

7
Countries

1307 kB
Transfer

2772 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://lugansk.info/
Title: Главная

Search URL Search Domain Scan URL

URL: https://news.lugansk.info/
Title: Новости

Search URL Search Domain Scan URL

URL: https://lugansk.news/
Title: Луганские новости

Search URL Search Domain Scan URL

URL: https://lugansk.info/contacts.shtml
Title: Контакты

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.w37Oqq9hSriwZkMniYI_E7kJz8m8u8lvvwJYVWci27t2wbfFYr8TzosJ5kpi21EP.x1OomgRWF-89aXrnDdH8bxTv3cw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10158.o6BY9quIU4TDziU6w4OGt7dgeqmbAyEhe0Ho1foPZQQQSri7iQMyq-lSYTnVddiCVu1X7XioK33un7YMP-wUgxiOIx0PmuMS9Wf8fkhL7CU%2C.FhUAiq2fs41d7WdJNvaMP6YK6Pk%2C

Request Chain 36

https://mc.yandex.com/watch/94381905?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1435722039239%3Ahid%3A350576440%3Az%3A120%3Ai%3A20231016151433%3Aet%3A1697462073%3Ac%3A1%3Arn%3A496322334%3Arqn%3A1%3Au%3A1697462073168695447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A236%2C144%2C146%2C144%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C707%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697462072417%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697462074%3At%3A%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/94381905/1?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1435722039239%3Ahid%3A350576440%3Az%3A120%3Ai%3A20231016151433%3Aet%3A1697462073%3Ac%3A1%3Arn%3A496322334%3Arqn%3A1%3Au%3A1697462073168695447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A236%2C144%2C146%2C144%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C707%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697462072417%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697462074%3At%3A%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10158.bbYjLtfNXSM6_HTHt5qorx0gpSHrp0MOH3cFCwXmjrtSjQ9xwFzK48d4Rq0RUIrA.SGSFDCgH5-irjKubrDmtJWgHt-0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.sMmAzwD5E07dE5_TanoeuFjRHIagLvy4vkt3_Bi_Jnk9K-d8JN3GCE6ap5FWxNFMP3VhBQILsUULiltFz6SjELLYwzyFNQIZ6b5llZM4ciI%2C.lK4aCsnSbMDJ46yEGBPlVesb8DU%2C

Request Chain 75

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMTo0sG3okylYaxHCEbRXquRaCnMvoRil2-sjrU7vK2-dlMl2KHye6FCt7C7b1qXjVUzxgmYqDMXzfg-ldDJFnPb5WiaOwFX8uC72HwFAmdVo7VuXA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMTo0sG3okylYaxHCEbRXquRaCnMvoRil2-sjrU7vK2-dlMl2KHye6FCt7C7b1qXjVUzxgmYqDMXzfg-ldDJFnPb5WiaOwFX8uC72HwFAmdVo7VuXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a04yM0Q1NlYxUVNucXk1&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMTo0sG3okylYaxHCEbRXquRaCnMvoRil2-sjrU7vK2-dlMl2KHye6FCt7C7b1qXjVUzxgmYqDMXzfg-ldDJFnPb5WiaOwFX8uC72HwFAmdVo7VuXA

Request Chain 77

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKLj3DBcAuTm6_c4WVc7NIM&google_cver=1&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU4JR1QiJTaOzj0cTimO1hFIl5ZZILQ4X41P_6brAllibs5sBq9AiC1FLrmPn3ANA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU4JR1QiJTaOzj0cTimO1hFIl5ZZILQ4X41P_6brAllibs5sBq9AiC1FLrmPn3ANA&google_hm=eS10U1ZRWmQ1RTJwR3Z3U2szSXBmbU93emZBdlhGMkZQZ35B

Request Chain 79

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEjovje5w_Apyg7H14dEBAA&google_cver=1&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmGBHy0dax-ZvmGWfJYMopeFgzqXUp5-2DMeDGyJ8rN-UGSgkDOY1vseGEBQgL1xpqLkmspaREI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmGBHy0dax-ZvmGWfJYMopeFgzqXUp5-2DMeDGyJ8rN-UGSgkDOY1vseGEBQgL1xpqLkmspaREI

94 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
newyear.lugansk.info/ 15 KB
5 KB 527ms
146ms Document
text/html 2a02:4780:b:1237:0:2b88:1f42:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://newyear.lugansk.info/
Protocol: HTTP/1.1
Server: 2a02:4780:b:1237:0:2b88:1f42:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0ca699013454aedb17b68e5acf632f03ac40f3e6c66fcddf969dee428bf3f43d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-type: text/html
date: Mon, 16 Oct 2023 13:14:32 GMT
platform: hostinger
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding

GET
H/1.1 200
OK style.css
newyear.lugansk.info/temp/ 2 KB
988 B 146ms
146ms Stylesheet
text/css 2a02:4780:b:1237:0:2b88:1f42:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://newyear.lugansk.info/temp/style.css
Requested by: Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/
Protocol: HTTP/1.1
Server: 2a02:4780:b:1237:0:2b88:1f42:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7054ff66a0f3a4240284cd3b77a35633da1a3709ce121d9b1806923837034f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 02:51:02 GMT
server: LiteSpeed
etag: "8b4-5fceea16-326b9a9255f9aadb;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
platform: hostinger
Keep-Alive: timeout=5, max=100
content-length: 555
expires: Mon, 23 Oct 2023 13:14:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 112ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1f3bd840607d260d223d258e86549f935801bde142e77de4db7151324210fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51465
x-xss-protection: 0
server: cafe
etag: 14253799051757197465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 75ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7238411853990980

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c5c9fe1f509e7780602c22e5c7109da538647ab401025dec8a8693ea29f5b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Origin: http://newyear.lugansk.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51469
x-xss-protection: 0
server: cafe
etag: 4194969657266578482
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
134 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7238411853990980&plah=newyear.lugansk.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcedab241702363d0912ffba0cf56196cc98907120d75ae35b9517a3715ac1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136613
x-xss-protection: 0
server: cafe
etag: 14037462034046398742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 60C6 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Mon, 30 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 191ms
60ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Mon, 16 Oct 2023 14:14:33 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 39 KB
17 KB 211ms
95ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

c8f8b1ee337b17f881ed5e451ba2297f57ecfbb109df1c28234d8dceae87d394

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 26 Sep 2023 15:12:47 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6512f4ef-9b56"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Mon, 16 Oct 2023 14:14:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 38ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newyear.lugansk.info&callback=_gfp_s_&client=ca-pub-7238411853990980

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7238411853990980&plah=newyear.lugansk.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d85fd3aff51546470b8ed60e7d5643fd9e7d884b782c33a99e5d7ad857dd68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 65EB 13 KB
5 KB 194ms
193ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&adk=1812271804&adf=3025194257&lmt=1697454873&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnewyear.lugansk.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&dt=1697462073088&bpp=19&bdt=139&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4046222780575&frm=20&pv=2&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50e456fb15a879149b185246c96a3c4cc7391837b983706489ffc2e43fbab61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5038
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:33 GMT
expires: Mon, 16 Oct 2023 13:14:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 332B 35 KB
14 KB 190ms
189ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=4848637738&adk=2983699537&adf=2653041513&pi=t.ma~as.4848637738&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073108&bpp=2&bdt=159&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=7&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PD3FIRApN0&p=http%3A//newyear.lugansk.info&dtd=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ffaf0383a0eae3e989c8169865cf46b0b8fc959cb5f40c4d2fcd6ba4ab60eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14475
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:33 GMT
expires: Mon, 16 Oct 2023 13:14:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1518 35 KB
14 KB 179ms
178ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=6900086002&adk=1664686155&adf=2361101864&pi=t.ma~as.6900086002&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073110&bpp=11&bdt=162&idt=195&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cBYY4VfV6J&p=http%3A//newyear.lugansk.info&dtd=197

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

992066e362ba2320abc25b9f21c154758fd33b4e5816beecff1504400c6a8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:33 GMT
expires: Mon, 16 Oct 2023 13:14:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1020 B 47ms
47ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=317353;u=http%3A//newyear.lugansk.info/;st=1697462073124;title=%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine;s=1600*1200;vp=1600*2127;touch=0;hds=1;frame=0;flash=;sid=443f6e2cc79ac1d1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.8//4g/0/0/;lvid=1697462073330%3A1697462073340%3A1%3A80bf8462e10f335df77e8aa71c38abd5;visible=true;_=0.6610804416324532

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://newyear.lugansk.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: http://newyear.lugansk.info
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: http://newyear.lugansk.info
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: http://newyear.lugansk.info
access-control-allow-headers: *

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.w37Oqq9hSriwZkMniYI_E7kJz8m8u8lvvwJYVWci27t2wbfFYr8TzosJ5kpi21EP.x1OomgRWF-89aXrnDdH8bxTv3cw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10158.o6BY9quIU4TDziU6w4OGt7dgeqmbAyEhe0Ho1foPZQQQSri7iQMyq-lSYTnVddiCVu1X7XioK33un7YMP-wUgxiOIx0PmuMS9Wf8fkhL7CU%2C.FhUAiq2fs41d7WdJNvaMP6YK6Pk%2C

43 B
67 B

60ms
60ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10158.o6BY9quIU4TDziU6w4OGt7dgeqmbAyEhe0Ho1foPZQQQSri7iQMyq-lSYTnVddiCVu1X7XioK33un7YMP-wUgxiOIx0PmuMS9Wf8fkhL7CU%2C.FhUAiq2fs41d7WdJNvaMP6YK6Pk%2C

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10158.o6BY9quIU4TDziU6w4OGt7dgeqmbAyEhe0Ho1foPZQQQSri7iQMyq-lSYTnVddiCVu1X7XioK33un7YMP-wUgxiOIx0PmuMS9Wf8fkhL7CU%2C.FhUAiq2fs41d7WdJNvaMP6YK6Pk%2C
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 63ms
60ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 16 Oct 2023 14:14:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1518 3 KB
1 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=6900086002&adk=1664686155&adf=2361101864&pi=t.ma~as.6900086002&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073110&bpp=11&bdt=162&idt=195&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cBYY4VfV6J&p=http%3A//newyear.lugansk.info&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1518 20 KB
8 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1518 187 KB
59 KB 117ms
79ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 332B 3 KB
1 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=4848637738&adk=2983699537&adf=2653041513&pi=t.ma~as.4848637738&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073108&bpp=2&bdt=159&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=7&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PD3FIRApN0&p=http%3A//newyear.lugansk.info&dtd=195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 332B 20 KB
9 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 332B 187 KB
59 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A6AD 137 KB
47 KB 120ms
90ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFEIwGUIlxAAuR_Uw623EntalZgVZ3Og&u=%7CXYR7Mw9k%2FDkZ3ydrMXng9GSkFldETujgWr8mFY0M8IY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFXZlaWLsrGHuy8FXXKm2_D-cBSkWrUF3rmVk7_Leif3YjWKBbAxEsbA2KDQ0CCsT0sW4nMLTm_UPmHDGMU3d0IYEXxkfczo6VU4GQjISn3MYAV2_T9BpIj78EYowWjsAK5oYET7Q-TRNQoEu9GC8xEnFCPzpLpEaBRXHompS7ld8J89J6f8Xs66riRmxet3SEq1dpIKKAKf6fTKd3lPpm6BeZ8Or5nCH7tmXpRLOyVjD3eIM2_p4iPxxJ1HpY7yh2o-zFhG8fLdJlytaQfD8gMe4vTdkkEHdlXneQPW0v_2r2Lq5erEBWozPdX-eo-FVe-Idsu1Nyqv4oTiu8VmpY-tl-VxvW2cZVYroj7eWDumpCpNWGlO0IJfZUpcX4MsXHgG0VdrofxdGi5dc7gjEN6yBurisv7QSlMtZGoOuBAMS-ow5dqBYMIdUTOTv7F--Ot1ptuWCIkf8Z6HQw5yl12_s6W_By9Qpi9YjNIKfSNFmXy3U2rIN-ZC0oIstdZ5y9e4aNxdDKhyAd-g2ZBGjm8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCroLHOTctZYyhFPGSwuIP_aOu6AfJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcyMzg0MTE4NTM5OTA5ODDIAQmpAt71OhnkobE-qAMByAMCqgT0AU_Q5clsER3ZY2NwfgqHMzVCNeEIHOtb8p_8dmwQTt_WCeffK3kdQw-Wvd6384KxdoBjLEMI7vxY7RU9Rb0L0K7BhPOVVRxQH5E__wTaykQQW7jPLf0Gwhkze0beX7Ct5Zklxg8OjZAO-wt9qPKbSWe68B-HuQ4X5uQBJNTlJqFPjY7rnm5nj0ufrDbQ2nDCtKsMjSOHeiHtfuRh_gtbRue7sU2MYpTyIKdwo_XMjdRo3hfL8mtkQ6aZjyDForznyocl20ObZzYtP2xa_qHOWKJ8zCydabGVl0OvXImSbivYQnTe1tK-vJGam-uq4vQOGaslBlaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_-o39ZUTfMkXxTnK7sTd6rhW89A%26client%3Dca-pub-7238411853990980%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e05fcaa9a2400efe4b2c27ade4293a8330b56436595b2889de7501aa2120d806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5YnkmwQIaQdo461yqZaHyBxKQ1djSPO_mk1KWxGJNnMB3NMQZIPvuv0dZ4dNv6fH_zSyudliYGF1brxWnkrk4JK17i88rNtW8fVr8DKMD0vjzUhQz9qk8tWWd0Vll0M-XNB3fyDYdkjanx9MpHEdY6gx8eKCDE74-fAg6QKRkm5W1Tw1YpRLqjlWG_zvO9m2tn1neyq-kkemdrCWZpH6G1Xc2VNrLW5OXHhid4NxabylXmoY3y240FnTJOGBQn5S4zTQAg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 62612977
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7496 134 KB
46 KB 91ms
70ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFCecK7ePWAAQgG4GpCL_qEWdt5t-rNg&u=%7CXYR7Mw9k%2FDmpIr9Jp8bzKxTX6hLNP4E%2FvBHhnMxVT8E%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWilZoHyu9sOwlkp3Bog0bEHJgsP1BEyeuI_JcnKd2KtjsvGj8B7P3a4fQmoewzS7FofzGJFjZ0U2x9w9cMsRoyN2UwOcj9j3e6QZH0DPMN9kxAb5zvrUSLv8GC9ZyMIQJvMNy57nLUAclzXZGDmNCGls6HMbMQVCI0WGoddj6cc494KwYj4jeiZm7v0VDnCjSM90rO6Ryj14BtAEKFMStoCt_5kfENoEbpNNVxDdQUake2gNBQ0ooU_MtB0Hmklpm2RrDctzyY1xUQhZthjnpa1Ey0aaxQA4ShSsi3-bPMtSb-q2dAbpyXSHAPuMRl2DFZ0mvMm-oVgoBK-PEdOTwGR0F3KY8d-rhnTv5d7K5m04ImC1jeBq1uQnpLeMOSK8y3zWc7w63XfZ2GA1Pq_t8vh4wYY_IwPLI9qq7EWBp2KEFrpPmbsGqrksMntW_kjnpVp8MCtbAqFnk2OnCQiBF8UyKQFqmYikg2k7TdoQeyabTbwdcshnAGxOee0Delqjrl4dxISMDuMbsLFCOKY-Kl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuFxiOTctZeeTFNbHtwebwJCIBMme0rFc9Z2Y93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzIzODQxMTg1Mzk5MDk4MMgBCakC3vU6GeShsT6oAwHIAwKqBO4BT9DIUrdZQD153udmgNgeJtbuC-Q2JKoy8U4UNRDXijx0lZE89TWgN6HhsmIuP6e_-feXv0BZyKQpkKHM2V0hG2evAg1EW_jbyb0mEwR5a-k_L9CLoysUPIj2PiigCF78CjafduHXUW6BdIZ6r7qxUCL9qL_Z7oLi2Hqg-z4P1lyyqNdHho4rAdvFyrivi3oPey-CkR8FPiBaH082Py4-KPTvwJN05e55I_DB-abxNWu0SjCNiyy1c2t_RBN02iTCdOTwmUxtOHlUXNBE8_7tL321y3cCgQC5ujJyMAF2P5eO_Sg-kuDcq3e0cY0rNIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0-rTODhDgRHY0x2J3jWHGKQFCrFw%26client%3Dca-pub-7238411853990980%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f889eb04059893bcf92cb7cbca2b6a2c1b156f46a2a569f5964dc946d9d28cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rdW5ZQQIaQdo461y4D3xb3DUg8aswmikc_kztFiIBDFTkWP8RnV0U1UXWg5u8xEN_-BbhZ7T2-oF_SjlQIlC1rVbJEgzDcp6LfxwHtJ3d9Ktqu9qb2XphmGUBVFoMxZaqjIJPS9zka2qW7QnqEvRPaQZIuiGFK1CUvjiR7xxIM8N-A0RcTIJBI7VmFpM3aMxn8tkoMzVmKK09talNMmuoJiognw8gs9D3ujhcSRJIr8mCq7wzvtXCEwfBaku0Re48YhbMw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53161517
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E8A 120 KB
42 KB 579ms
578ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df68b904118cc925bebee9c75dd679ef6808af49a3f27beb14c0b80ca720cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:34 GMT
expires: Mon, 16 Oct 2023 13:14:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 332B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c942bc9924de0951ecbd4db023ba8878b48d9021da2e89e0dee88d0c796428aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1518 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f1bca2d892475821907bd61b0bd071535bd54d9c91761b85d04f42cb259f71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7496 2 KB
1 KB 55ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFCecK7ePWAAQgG4GpCL_qEWdt5t-rNg&u=%7CXYR7Mw9k%2FDmpIr9Jp8bzKxTX6hLNP4E%2FvBHhnMxVT8E%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWilZoHyu9sOwlkp3Bog0bEHJgsP1BEyeuI_JcnKd2KtjsvGj8B7P3a4fQmoewzS7FofzGJFjZ0U2x9w9cMsRoyN2UwOcj9j3e6QZH0DPMN9kxAb5zvrUSLv8GC9ZyMIQJvMNy57nLUAclzXZGDmNCGls6HMbMQVCI0WGoddj6cc494KwYj4jeiZm7v0VDnCjSM90rO6Ryj14BtAEKFMStoCt_5kfENoEbpNNVxDdQUake2gNBQ0ooU_MtB0Hmklpm2RrDctzyY1xUQhZthjnpa1Ey0aaxQA4ShSsi3-bPMtSb-q2dAbpyXSHAPuMRl2DFZ0mvMm-oVgoBK-PEdOTwGR0F3KY8d-rhnTv5d7K5m04ImC1jeBq1uQnpLeMOSK8y3zWc7w63XfZ2GA1Pq_t8vh4wYY_IwPLI9qq7EWBp2KEFrpPmbsGqrksMntW_kjnpVp8MCtbAqFnk2OnCQiBF8UyKQFqmYikg2k7TdoQeyabTbwdcshnAGxOee0Delqjrl4dxISMDuMbsLFCOKY-Kl&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuFxiOTctZeeTFNbHtwebwJCIBMme0rFc9Z2Y93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzIzODQxMTg1Mzk5MDk4MMgBCakC3vU6GeShsT6oAwHIAwKqBO4BT9DIUrdZQD153udmgNgeJtbuC-Q2JKoy8U4UNRDXijx0lZE89TWgN6HhsmIuP6e_-feXv0BZyKQpkKHM2V0hG2evAg1EW_jbyb0mEwR5a-k_L9CLoysUPIj2PiigCF78CjafduHXUW6BdIZ6r7qxUCL9qL_Z7oLi2Hqg-z4P1lyyqNdHho4rAdvFyrivi3oPey-CkR8FPiBaH082Py4-KPTvwJN05e55I_DB-abxNWu0SjCNiyy1c2t_RBN02iTCdOTwmUxtOHlUXNBE8_7tL321y3cCgQC5ujJyMAF2P5eO_Sg-kuDcq3e0cY0rNIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0-rTODhDgRHY0x2J3jWHGKQFCrFw%26client%3Dca-pub-7238411853990980%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7496 2 KB
1 KB 48ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7496 308 B
637 B 44ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7496 293 B
621 B 53ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7496 43 B
348 B 48ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VDRbot6CE6D-1zVCyUDLT1rTLHTo9kD5VVKgS0PS1gyy18s00Ptt4vXc0Z4mkZaqBFsfRNx-lFQfRAlKWIDjwWHhdMa5OnN1Ni3_zl0YHm7UjOxMU_xcR_m7_29vOYx0nwrkel9jnRDuMyUM4k0RrGL7WQuStDyRqHoeSFvFd1LoTOKuBCchng9A-0R2HdvxyFHAUmOucGN7Ck8RPKis3X4elenRI1V98dLqshm4p0RzWdDjz9uwuvoKjnm2rJ41KBrk98T1KU0ZUIDAK8c9eyGRww8rut8-2LvSAlBLt0uIydh3qBI0XXdVzOApQHQN8U5XiJrQ35jmyCr9HAaLeCBqCKTfW2cuFcsYlZiaVfhLwVACyGLBKM3m2LYkYW2HrtZkud7yCrstlxBPQ5FgI42yTVPMoU_G0ItrQxZ90SIYX103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1533015
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7496 12 KB
6 KB 34ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A6AD 2 KB
1 KB 22ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZS03OQAFEIwGUIlxAAuR_Uw623EntalZgVZ3Og&u=%7CXYR7Mw9k%2FDkZ3ydrMXng9GSkFldETujgWr8mFY0M8IY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFXZlaWLsrGHuy8FXXKm2_D-cBSkWrUF3rmVk7_Leif3YjWKBbAxEsbA2KDQ0CCsT0sW4nMLTm_UPmHDGMU3d0IYEXxkfczo6VU4GQjISn3MYAV2_T9BpIj78EYowWjsAK5oYET7Q-TRNQoEu9GC8xEnFCPzpLpEaBRXHompS7ld8J89J6f8Xs66riRmxet3SEq1dpIKKAKf6fTKd3lPpm6BeZ8Or5nCH7tmXpRLOyVjD3eIM2_p4iPxxJ1HpY7yh2o-zFhG8fLdJlytaQfD8gMe4vTdkkEHdlXneQPW0v_2r2Lq5erEBWozPdX-eo-FVe-Idsu1Nyqv4oTiu8VmpY-tl-VxvW2cZVYroj7eWDumpCpNWGlO0IJfZUpcX4MsXHgG0VdrofxdGi5dc7gjEN6yBurisv7QSlMtZGoOuBAMS-ow5dqBYMIdUTOTv7F--Ot1ptuWCIkf8Z6HQw5yl12_s6W_By9Qpi9YjNIKfSNFmXy3U2rIN-ZC0oIstdZ5y9e4aNxdDKhyAd-g2ZBGjm8E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCroLHOTctZYyhFPGSwuIP_aOu6AfJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcyMzg0MTE4NTM5OTA5ODDIAQmpAt71OhnkobE-qAMByAMCqgT0AU_Q5clsER3ZY2NwfgqHMzVCNeEIHOtb8p_8dmwQTt_WCeffK3kdQw-Wvd6384KxdoBjLEMI7vxY7RU9Rb0L0K7BhPOVVRxQH5E__wTaykQQW7jPLf0Gwhkze0beX7Ct5Zklxg8OjZAO-wt9qPKbSWe68B-HuQ4X5uQBJNTlJqFPjY7rnm5nj0ufrDbQ2nDCtKsMjSOHeiHtfuRh_gtbRue7sU2MYpTyIKdwo_XMjdRo3hfL8mtkQ6aZjyDForznyocl20ObZzYtP2xa_qHOWKJ8zCydabGVl0OvXImSbivYQnTe1tK-vJGam-uq4vQOGaslBlaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_-o39ZUTfMkXxTnK7sTd6rhW89A%26client%3Dca-pub-7238411853990980%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A6AD 2 KB
1 KB 21ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A6AD 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A6AD 293 B
621 B 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A6AD 43 B
347 B 15ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1v8dr96CE6D-1zVCyUDLT1rTLHSU1nxpp4Okv9keeGisC65lRhLLrDDq38Pz4zS2-Q-XG61A53Af4DqWsIsPLaZJmSvJWvcwvCpomBjcgNKgQIzheWx4yuAAfsMzJt53RvnXSGEYIoalsq9p43Uc_tQVFzMsFYNjnvggwVzkm_o9RAquYbWLxVrQPNnPZ-kwBrxopJASNU25k2EJS3Yg5XeXSkCA6Wk4gHJ-gVLAPK3cDdnFkt798m5GpvtXbdQdEPU_gDNr7pqfTp-RJoRqs_xwnQibfhDBUh-wfL88EqVxtUJtP1lZhrNqLJeokaq6rmgnyuJshJ43GmJk2F6JxGnPbI4SCe3ve6Cp9OICxRvVm_XZU-REWbhg0B8MaulAqBZkS7w89BUHGIe_tQQaOjAWhE4TIFGywPNx38zuBp3iw3Ga

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1837884
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/94381905/
Redirect Chain

https://mc.yandex.com/watch/94381905?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3Awi...
https://mc.yandex.com/watch/94381905/1?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3A...

435 B
578 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/94381905/1?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1435722039239%3Ahid%3A350576440%3Az%3A120%3Ai%3A20231016151433%3Aet%3A1697462073%3Ac%3A1%3Arn%3A496322334%3Arqn%3A1%3Au%3A1697462073168695447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A236%2C144%2C146%2C144%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C707%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697462072417%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697462074%3At%3A%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0acef315a6de68b4518ec8e0d40028b29ca8668b2038d8b70ecddc95e96aa6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 16-Oct-2023 13:14:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://newyear.lugansk.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 16-Oct-2023 13:14:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16-Oct-2023 13:14:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/94381905/1?wmode=7&page-url=http%3A%2F%2Fnewyear.lugansk.info%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A722%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1435722039239%3Ahid%3A350576440%3Az%3A120%3Ai%3A20231016151433%3Aet%3A1697462073%3Ac%3A1%3Arn%3A496322334%3Arqn%3A1%3Au%3A1697462073168695447%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A236%2C144%2C146%2C144%2C0%2C0%2C%2C36%2C0%2C%2C%2C%2C707%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697462072417%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697462074%3At%3A%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: http://newyear.lugansk.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 16-Oct-2023 13:14:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 54 KB
54 KB 74ms
34ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 14 KB
14 KB 68ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9735_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=tHT-jGV8JLYccQ5bkz6ccC1C&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14474
expires: Sat, 04 Nov 2023 12:24:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 13 KB
13 KB 64ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7319_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=QwDf_oxz2YqnFpEv9FkE6Mel&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12824
expires: Sat, 04 Nov 2023 22:56:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 9 KB
9 KB 85ms
45ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F4123_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=cUORs_l4n4Suns43TyAycXl8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 9014
expires: Sat, 04 Nov 2023 21:55:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7496 0
127 B 85ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rdW5ZQQIaQdo461y4D3xb3DUg8aswmikc_kztFiIBDFTkWP8RnV0U1UXWg5u8xEN_-BbhZ7T2-oF_SjlQIlC1rVbJEgzDcp6LfxwHtJ3d9Ktqu9qb2XphmGUBVFoMxZaqjIJPS9zka2qW7QnqEvRPaQZIuiGFK1CUvjiR7xxIM8N-A0RcTIJBI7VmFpM3aMxn8tkoMzVmKK09talNMmuoJiognw8gs9D3ujhcSRJIr8mCq7wzvtXCEwfBaku0Re48YhbMw&sds=2&rev=88837&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7496 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7496 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A6AD 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 54 KB
54 KB 50ms
49ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 14 KB
14 KB 43ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14474
expires: Sat, 04 Nov 2023 12:24:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 14 KB
14 KB 46ms
46ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F5413_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=92JYvn5O0p_Syq-WfETBsbnJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

43dde84a087df2f9e63e09653ecaa4c5e1ef6ec7685822952628398fd1eee555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14182
expires: Sun, 05 Nov 2023 05:51:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 8 KB
9 KB 45ms
45ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Sat, 04 Nov 2023 12:47:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A6AD 0
128 B 40ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5YnkmwQIaQdo461yqZaHyBxKQ1djSPO_mk1KWxGJNnMB3NMQZIPvuv0dZ4dNv6fH_zSyudliYGF1brxWnkrk4JK17i88rNtW8fVr8DKMD0vjzUhQz9qk8tWWd0Vll0M-XNB3fyDYdkjanx9MpHEdY6gx8eKCDE74-fAg6QKRkm5W1Tw1YpRLqjlWG_zvO9m2tn1neyq-kkemdrCWZpH6G1Xc2VNrLW5OXHhid4NxabylXmoY3y240FnTJOGBQn5S4zTQAg&sds=2&rev=88837&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 Oct 2023 13:14:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A6AD 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A6AD 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Oct 2024 13:14:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 14 KB
14 KB 31ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14474
expires: Sat, 04 Nov 2023 12:24:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7496 54 KB
54 KB 24ms
22ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 14 KB
14 KB 17ms
17ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14474
expires: Sat, 04 Nov 2023 12:24:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A6AD 54 KB
54 KB 14ms
14ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 332B 0
23 B 52ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf283OTctZeeTFNbHtwebwJCIBMme0rFc9Z2Y93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzIzODQxMTg1Mzk5MDk4MMgBCakC3vU6GeShsT6oAwHIAwKqBOsBT9DIUrdZQD153udmgNgeJtbuC-Q2JKoy8U4UNRDXijx0lZE89TWgN6HhsmIuP6e_-feXv0BZyKQpkKHM2V0hG2evAg1EW_jbyb0mEwR5a-k_L9CLoysUPIj2PiigCF78CjafduHXUW6BdIZ6r7qxUCL9qL_Z7oLi2Hqg-z4P1lyyqNdHho4rAdvFyrivi3oPey-CkR8FPiBaH082Py4-KPTvwJN05e55I_DB-abxNWu0SjCNiyy1c2t_RBN02iTCdOTwmUwvOljG3EOUzlg9CKc5656mjyezDDhcKIPC96ooD5cgvvhEYeOUmIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcyMzg0MTE4NTM5OTA5ODAYAA&sigh=IDjKvtHEjm4&uach_m=[UACH]&cid=CAQSTADICaaNKw3QEhJA120ZfwP5LbyQDIlA0Lgnyv6Rf37y6yMCO995es4_xssIbjdMYyfXiPPC7eqVBNTyZVTF4vNSJ1Y2Q5TdwMQlnYcYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=4848637738&adk=2983699537&adf=2653041513&pi=t.ma~as.4848637738&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073108&bpp=2&bdt=159&idt=192&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=7&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PD3FIRApN0&p=http%3A//newyear.lugansk.info&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 13:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 332B 0
126 B 47ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLAJmAKdg2ICAgAAAB8zyfjCeONrEDg3LWXzBLtivDzl4iKBAAASAAAKCkFRVUJBUUVCQVE&wp=ZS03OQAFCecK7ePWAAQgG4GpCL_qEWdt5t-rNg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 174665
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1518 0
23 B 51ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBkblOTctZYyhFPGSwuIP_aOu6AfJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcyMzg0MTE4NTM5OTA5ODDIAQmpAt71OhnkobE-qAMByAMCqgTxAU_Q5clsER3ZY2NwfgqHMzVCNeEIHOtb8p_8dmwQTt_WCeffK3kdQw-Wvd6384KxdoBjLEMI7vxY7RU9Rb0L0K7BhPOVVRxQH5E__wTaykQQW7jPLf0Gwhkze0beX7Ct5Zklxg8OjZAO-wt9qPKbSWe68B-HuQ4X5uQBJNTlJqFPjY7rnm5nj0ufrDbQ2nDCtKsMjSOHeiHtfuRh_gtbRue7sU2MYpTyIKdwo_XMjdRo3hfL8mtkQ6aZjyDForznyocl20ObZzYtP2xavKPvyiLvHBE7uZZPG2NG-Ie1ZJ3SbGxcYhqDGmMlhceyej6aOUKABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MjM4NDExODUzOTkwOTgwGAA&sigh=m6aEi_iiDyE&uach_m=[UACH]&cid=CAQSTADICaaNTlV9qkE_fOaOlV5Q6gEcTn8A_Qpfvovotp_B_fPx0yGHGO6fk0NXzrU2UxLF48gxYNdHJfauXya2bDqheld6AcRu_XWfLbQYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=6900086002&adk=1664686155&adf=2361101864&pi=t.ma~as.6900086002&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073110&bpp=11&bdt=162&idt=195&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cBYY4VfV6J&p=http%3A//newyear.lugansk.info&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 13:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 13:14:33 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1518 0
126 B 83ms
21ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLAJmAKdg2ICAgAAAD3MLJ_hI_yzEDg3LWV8r5pU3PAQFr1ZAAASAAAKCkFRVUJEd0VCRHc&wp=ZS03OQAFEIwGUIlxAAuR_Uw623EntalZgVZ3Og&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154951
server: Kestrel
content-length: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10158.bbYjLtfNXSM6_HTHt5qorx0gpSHrp0MOH3cFCwXmjrtSjQ9xwFzK48d4Rq0RUIrA.SGSFDCgH5-irjKubrDmtJWgHt-0%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.sMmAzwD5E07dE5_TanoeuFjRHIagLvy4vkt3_Bi_Jnk9K-d8JN3GCE6ap5FWxNFMP3VhBQILsUULiltFz6SjELLYwzyFNQIZ6b5llZM4ciI%2C.lK4aCsnSbMDJ46yEG...

43 B
79 B

62ms
61ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.sMmAzwD5E07dE5_TanoeuFjRHIagLvy4vkt3_Bi_Jnk9K-d8JN3GCE6ap5FWxNFMP3VhBQILsUULiltFz6SjELLYwzyFNQIZ6b5llZM4ciI%2C.lK4aCsnSbMDJ46yEGBPlVesb8DU%2C

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.sMmAzwD5E07dE5_TanoeuFjRHIagLvy4vkt3_Bi_Jnk9K-d8JN3GCE6ap5FWxNFMP3VhBQILsUULiltFz6SjELLYwzyFNQIZ6b5llZM4ciI%2C.lK4aCsnSbMDJ46yEGBPlVesb8DU%2C
date: Mon, 16 Oct 2023 13:14:33 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 5E8A 4 KB
1 KB 58ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 13:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:39:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 13:14:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5E8A 2 KB
973 B 10ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5E8A 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5E8A 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5E8A 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5E8A 0
0 38ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9B_4BbGrLqYJvkOaY3ie5g_WLPWvqTMwbeyI34nLennNrHjSJvSJg9Rda9mu5_fW7EbCRm3Hgr_CYY5mk-I85RKvAjQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E8A 187 KB
59 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 13:14:34 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 5E8A 35 KB
15 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 21:02:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 21:16:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4AE 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Tue, 17 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15331378145558714973/ Frame 5E8A 141 KB
141 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15331378145558714973/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d649ec13da6d5234e90762a4a4e879a50ec86d50c2ebc062c3bc72ad161779eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:19:20 GMT
x-content-type-options: nosniff
age: 366914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144614
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 15:10:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Oct 2024 07:19:20 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14923917317441196049/ Frame 5E8A 1 KB
2 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14923917317441196049/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70605cca4a3aca54f952f58e5b6cd6df3f9e2a98bdf5d1af4b53a16055fc33f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:01:14 GMT
x-content-type-options: nosniff
age: 72800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 04:33:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Oct 2024 17:01:14 GMT

GET
DATA 200
OK truncated
/ Frame 5E8A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9547499635769150f5c8600cf46c535517dd3bedba19dcc8ae8ec9dae9111504

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C4AE 35 B
465 B 56ms
23ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEADbGU2u0g9_o_97V7F6ohY&google_cver=1&google_push=AXcoOmSLxkCxpjJ1KKCgNQQv39T1sc5ihHIb9dfLu16snsN3ZYw58uwrBZFaDtoJyEVjRQj1S_d4WCD_9mWvBYoTHu2yI7dhaV2cWxVWc7WUuPcPvaEmNZ-nmW6SNBEaNBJ_W2eV0dHLokPY5KO6c6gIJJm6Hg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C4AE 0
104 B 88ms
23ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEANy_hsGmpT_b4w2rfYizkk&google_cver=1&google_push=AXcoOmQ_tHb9E-5zS83WTjaT8gnIpZjnIR_cZI9usV2dqAVQiRKwl7TtYmoxzlLUL78dvv7biHtH_MZWBqTaLk639FBcnji1RXTBHPolDTTkNfTa1NyHvu3-97p9zG3tXsdtaGwiQeCNzPxrdwDwjTg1MJPsgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4AE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a04yM0Q1NlYxUVNucXk1&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMT...

170 B
232 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a04yM0Q1NlYxUVNucXk1&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMTo0sG3okylYaxHCEbRXquRaCnMvoRil2-sjrU7vK2-dlMl2KHye6FCt7C7b1qXjVUzxgmYqDMXzfg-ldDJFnPb5WiaOwFX8uC72HwFAmdVo7VuXA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Oct 2023 13:14:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a04yM0Q1NlYxUVNucXk1&google_gid=CAESEFnPzA5HMJh01WKH9Mlxy38&google_cver=1&google_push=AXcoOmQNhrH1KAfmHKfPosFle-BeoTVot2N9Rv86jXsgHMTo0sG3okylYaxHCEbRXquRaCnMvoRil2-sjrU7vK2-dlMl2KHye6FCt7C7b1qXjVUzxgmYqDMXzfg-ldDJFnPb5WiaOwFX8uC72HwFAmdVo7VuXA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C4AE 43 B
146 B 36ms
7ms Image
image/gif 18.158.5.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBqyOJ5Y7B8Xoq6811nzBug&google_cver=1&google_push=AXcoOmQP3WYgxt6FZon9U119KR-H5aLpWsqL2UGqaM9R96w8MSCepIlmMYMj2NnimlDmA_eW5altycDsW7-AI0pCXRMDDQ5LuRo6N8LBgwFiBHSQ9kXlHVwvRVU791ESdsAMCNthKXdeJpK_oFmEFu_sDcoSpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.5.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-5-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4AE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKLj3DBcAuTm6_c4WVc7NIM&google_cver=1&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU4JR1QiJTaOzj0cTimO1hFIl5ZZILQ4X41P_6br...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU4JR1QiJTaOzj0cTimO1hFIl5ZZILQ4X41P_6brAllibs5sBq9AiC1FLrmPn3ANA&google_hm=eS10U1ZRWmQ1RTJwR3Z3U2szSXBmbU93emZBdlhGMkZQZ35B

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 16 Oct 2023 13:14:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRwB-YZoKAXqlkbE4H7sS5ZamoHyEYsVS-kYpMQbqB4OVNrQHvimF8Gy5Q0rI2zHxVDHWA6TAs05ft_t_L66FV9rqU4JR1QiJTaOzj0cTimO1hFIl5ZZILQ4X41P_6brAllibs5sBq9AiC1FLrmPn3ANA&google_hm=eS10U1ZRWmQ1RTJwR3Z3U2szSXBmbU93emZBdlhGMkZQZ35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C4AE 43 B
363 B 55ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQRQc5Z37K5WIJ5CJD_LVbzIcmCBOAjERYKcqC5qJH4S0LBk9CsDuKoeHHQzD1CIuub5cOcPuihwi1OMsRB6U5tocPv4e8HdRMsRLACyIqV-TqUVs2nfTiHIwYmjGDDW3atwT1xBHDPTojeLXloi7AnTA&google_gid=CAESEJygNb1S7Edn_jBA0mLit7Q&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 258585
expires: Mon, 16 Oct 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4AE
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEjovje5w_Apyg7H14dEBAA&google_cver=1&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmGBHy0dax-ZvmGWfJYMopeFgzqXUp5-2DMeDGy...

170 B
329 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmGBHy0dax-ZvmGWfJYMopeFgzqXUp5-2DMeDGyJ8rN-UGSgkDOY1vseGEBQgL1xpqLkmspaREI

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQm1WYVwkE6ta9WyhVzOeKki5RKFjF9w_-XtETXuZckvom_ZqhaGWGRhgAvtk8DpnDBCLKz38HOMmGBHy0dax-ZvmGWfJYMopeFgzqXUp5-2DMeDGyJ8rN-UGSgkDOY1vseGEBQgL1xpqLkmspaREI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C4AE 0
139 B 47ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jsx3qQJ8v2Wg_fyzD2Z7W8ekRzaYOiQXIJussnbtJUFiG6qE-2gai4Vv7XQDdZ9iGAts_c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E8A 15 KB
16 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 380224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:37:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E8A 15 KB
15 KB 31ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 334903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:12:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E8A 0
19 B 53ms
52ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTv7kOTctZYGHJ9L7kPIPlq60iAOAtLuWcJWN8a-fEYzAtauuARABIPGVlANgleKQgqAHoAGZm4T_A8gBCakCeqRFDKaVsj6oAwHIA8sEqgSAAk_Qk2H8mS-1kESlDovl4AnY_40mIm5sH-G_YpMhDpvqIy5YVJG15NUEaSgxxmUd7a2IsBsyD7CKyo3gMI3y9XT-m-2ml2mJeB2EhnOmuHqTTKF-J64eRpEeF_gzxvJeC6R-p_E9DWyXQoOckOtQsu9Ppn8buo46SFuxz59-hXY5ZfGmS7WyVvtMpM64QdvcRvN4V7AONHSTnfA0E-6ySWOnS-U2dgsJBmcIoEni4x6hWlX8pTbLdkfWETzSdgRbxNxw6KTzJvk0gSVlhnsJj00jRHCy95ieL2cyZGvSXdSYeGm2opf5iulOebd_ppjY59Qobk66At1UGNZk5WZRXDDABNTokMOoBIgFw9vTw0qSBQQIBBgBkgUECAUYBKAGLoAHz-R7qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4ocF0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEw2IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNzIzODQxMTg1Mzk5MDk4MBgA&sigh=LtvTJvfBy_Q&uach_m=[UACH]&cid=CAQSPADICaaN1h70nSemYKqidHsGyn8frAP31KQf55-48BXddUaLYRbMVk_vKZ5qFORbA-wh0bLT_oNBerm2PxgB&template_id=484&cbvp=2&vis=1

Requested by

Host: newyear.lugansk.info
URL: http://newyear.lugansk.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=60&adk=273762757&adf=745599300&pi=t.aa~a.512797843~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&to=qs&pwprc=9122994922&format=1200x60&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1697462073538&bpp=1&bdt=590&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd3b81f738ac12de9-222853d89ae40065%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MZLRxWJm0iKhqUnH76sAd1ioRLOgQ&gpic=UID%3D00000d9a12f81f18%3AT%3D1697462073%3ART%3D1697462073%3AS%3DALNI_MYcV_8AYt1ID9yu0LMj_ttOPK98jA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=7VremHgB7P&p=http%3A//newyear.lugansk.info&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 13:14:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0029e444f305aa54a883bdcd7dbddf4a21bd0f0ed4a348f531063799f6eef9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
934 B 48ms
47ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=317353;u=http%3A//newyear.lugansk.info/;st=1697462073124;title=%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA.info%20%3A%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%B3%D0%BE%D0%B4%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0.%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0.%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%81%D1%8C%D0%BA%2C%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0.%20News%20Lugansk%20Donbass%20Ukraine;s=1600*1200;vp=1600*2207;touch=0;hds=1;frame=0;flash=;sid=443f6e2cc79ac1d1;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1697462072417/////0/1/237/237/381//381/528/671/531/707/707/707/1820/1820/1820;ni=9.8//4g/0/0/;lvid=1697462073330%3A1697462074238%3A2%3A80bf8462e10f335df77e8aa71c38abd5;opts=jst-ym;visible=true;_=0.5621376813348076;e=RT/load;et=1697462074238

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://newyear.lugansk.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: http://newyear.lugansk.info
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: http://newyear.lugansk.info
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: http://newyear.lugansk.info
access-control-allow-headers: *

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame AD92 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 540087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 07:13:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 13:14:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA14 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 12:40:18 GMT
expires: Tue, 15 Oct 2024 12:40:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EB06 829 B
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9f023b8f3a2f166d56d7e8c36bcf681f61a181b4cabd7fd1c3850f04ca8b9e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lYeCvdrQ0ieEvsHmBz6nDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://newyear.lugansk.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lYeCvdrQ0ieEvsHmBz6nDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 13:14:34 GMT
expires: Mon, 16 Oct 2023 13:14:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame DA14 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Oct 2024 13:04:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB06 0
0 108ms
108ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=47632485785619&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA14 0
10 B 11ms
11ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SAeBUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:14:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 332B 42 B
64 B 115ms
115ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8a7tSuZJ4opnai2QPOm0OXV7Ch404TFaeLmgbxuJYfxWQru0mnb8AEdjsKClqyzJrykXXewZ4M8AKCkutC4ONOhIliPWx9Vcviu8&sig=Cg0ArKJSzC-wT7TvKJ4QEAE&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2983699537&rs=2&la=1&cr=0&vs=4&r=v&rst=1697462073304&rpt=317&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 13:14:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7496 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 Oct 2023 13:14:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
114ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=47632485785619&bg=!q6ilqOfNAAbFpEfJ5aQ7ADQBe5WfODp_Jgtw9CoonTkiGYeHXoLniDW5DW-lZKvuT2gVvHnFbDG2iX3wThGcIv5vv8PBAgAAAEFSAAAACGgBB5kC8UzhmjBCLfQdBQuWb9vU822nyFXfYQzmqGz_msKtt2XCbOE4n1TOtryYBBV2zmWFeFO6zrn6_QOzQEXVtLGaa-TJFzeqECoNF0GC6SjTpVcT_pqZSQtTm8diIzfxjXXGnInFwlMR6B-brqi9XkiIqAIFHoCQ7l3AZYhaNqUF7WVAZMFY7Hk42RZjak6zK7ojRZ1cibT-UWa2lQQ__2gmPKQ8f37IeCMVcXk1QkJcyFUrH3TwdmU4V6SXcy81I9OpbarHPKsT5tMFEQWHU9x34DxBYcJ4v5XBjmOtRw3MKpwlwHb8Pdt0bxSNjVgG0hd9tlpfcQjDCLjS1JhSl4eLhNm4duRe-6V0cX2hnJvpptVRe7M4lePcKZPzr-Qazon0Ics2jsdD7BQZoupsfMXxfYcmF0Q1pMl5LMy-JjeEDAm291jbMV60yqwU7Tb82gY9NVY7Ll7akI9PCXOlA2aOPPmT7G-Eh_UVPiVtfSuQcxVfcOdL2B6pUoyNb0DxycqlM8zSZ_CTxn9QWcMDxy6vGsBbtSCcWTFiOEHSEb3mgdrPh5yXeE2NXmmp1z5eXhcvYqzwILmhIeJt_nsUHaEzb8bhh0lvo7RT9aWb_igSqNBsYe_ZVZt2i-CpmA6TYnFiSjt74oFArD6U4SatggvfBCqoA4PdqGSita-nBH6OG_OBC8R_2kim_fbRA1H5IgJgEh9-qsB-k3M4SGO0ElrgJYqMbYdOflIaLqw6780OtA0fQo67WnFZq6UV4npq5k0TsOc6WVCSjUdCEMzZADuvA9-2_sajPT8BnPanLH88Sw6S84spgGS6x90mHAH9lZXC65Gyp4_1ATTHZABSiYtgiLQujMfa5j9dCmDU6GmcrjpnJ_7HCqgy5yXnwquS89wpDgKxCkKq_vvJGbMJwXHF_L_l0rLm86rhFmbNPqXTaJfueVLvT8ERu2oGeGTdAOtDN0QkqafNflenfJOjYianfZBwWdCY3LW8mGij-TCOrait-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://newyear.lugansk.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lugansk.info/	1970-01-20 23:30:33	Name: tmr_lvid Value: 80bf8462e10f335df77e8aa71c38abd5
.lugansk.info/	1970-01-20 23:30:33	Name: tmr_lvidTS Value: 1697462073330
.lugansk.info/	1970-01-21 00:16:38	Name: _ym_uid Value: 1697462073168695447
.lugansk.info/	1970-01-21 00:16:38	Name: _ym_d Value: 1697462073
.mc.yandex.com/	1970-01-20 15:31:02	Name: sync_cookie_csrf Value: 1877160166fake
.lugansk.info/	1970-01-20 15:32:14	Name: _ym_isad Value: 2
.lugansk.info/	1970-01-21 00:52:38	Name: __gads Value: ID=afd692bdf67815d3:T=1697462073:RT=1697462073:S=ALNI_MZQQcb-ca1lFLHvYDdxwA0LPdaIww
.lugansk.info/	1970-01-21 00:52:38	Name: __gpi Value: UID=00000cbade5276f2:T=1697462073:RT=1697462073:S=ALNI_MalmuEUyc6md17lNiviJ0Yp6102sA
.mc.yandex.ru/	1970-01-20 15:31:02	Name: sync_cookie_csrf Value: 2277555043fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 817704991697462073
.yandex.com/	1970-01-21 01:07:02	Name: i Value: MOb42bV0S4VjlfjqMuIHPerz0ZQ6tL4krAgJCAQaoaaGnMtaE3n6yiA3cV9+GBbtr604MKHTmhdn1H4K89gleyN6F3c=
.yandex.com/	1970-01-21 01:07:02	Name: yandexuid Value: 4726342561697462073
.yandex.com/	1970-01-21 00:16:38	Name: yuidss Value: 4726342561697462073
.yandex.com/	1970-01-21 00:16:38	Name: ymex Value: 1728998073.yrts.1697462073#1728998073.yrtsi.1697462073
.doubleclick.net/	1970-01-21 00:52:38	Name: IDE Value: AHWqTUn91mVB_iV-3u63TdEMDjde8yf-GMPwozd7GesAuFXA4CsgeIiEpwyyYoVFi-M
.w55c.net/	1970-01-21 01:02:42	Name: wfivefivec Value: kN23D56V1QSnqy5
.w55c.net/	1970-01-20 16:14:14	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 17:40:38	Name: d Value: ECsBCQGZKoEA
.quantserve.com/	1970-01-21 01:01:16	Name: mc Value: 652d373a-33a1b-45681-79bc9
.yahoo.com/	1970-01-21 00:16:59	Name: A3 Value: d=AQABBDo3LWUCEL7qhC4iLfv2IJWW3SY5u58FEgEBAQGILmU3ZQAAAAAA_eMAAA&S=AQAAAriLZg3Y7DxY75mwawUv3m0
.mail.ru/	1970-01-21 00:18:04	Name: VID Value: 0ZHI4z1uHdIK00000y1uT4YK:::0-0-0-a478ff9-0:CAASELcQB-ZDXNTWrsh8HClDQ6kaYEtcgdijDSD8fC8MoBfDXXXxtgbEKtyxp0vW86nbUOjcXRMfj8zkBHoyUm98npCB2XbZzG3uIbjWuLVzuEA_PrUC2zdIDibGmeMSo4_ao6PbK-mvVmq0TbAy7VPPunaXuQ
newyear.lugansk.info/	1970-01-20 15:32:28	Name: tmr_detect Value: 0%7C1697462075668

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238411853990980&output=html&h=280&slotname=6900086002&adk=1664686155&adf=2361101864&pi=t.ma~as.6900086002&w=1200&fwrn=4&fwrnh=100&lmt=1697454873&rafmt=1&format=1200x280&url=http%3A%2F%2Fnewyear.lugansk.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1697462073110&bpp=11&bdt=162&idt=195&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4046222780575&frm=20&pv=1&ga_vid=1504909402.1697462073&ga_sid=1697462073&ga_hid=445226214&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805680%2C31078297&oid=2&pvsid=47632485785619&tmod=879138885&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=cBYY4VfV6J&p=http%3A//newyear.lugansk.info&dtd=197 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
mc.yandex.com
mc.yandex.ru
newyear.lugansk.info
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
static.criteo.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.66
178.250.1.6
178.250.1.9
18.158.5.115
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:4780:b:1237:0:2b88:1f42:7
2a02:6b8::1:119
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:5a14:618c:2256:ed23
51.89.9.251
52.57.124.150
95.163.52.67
0029e444f305aa54a883bdcd7dbddf4a21bd0f0ed4a348f531063799f6eef9fb
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0acef315a6de68b4518ec8e0d40028b29ca8668b2038d8b70ecddc95e96aa6af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca699013454aedb17b68e5acf632f03ac40f3e6c66fcddf969dee428bf3f43d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2df68b904118cc925bebee9c75dd679ef6808af49a3f27beb14c0b80ca720cec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f1bca2d892475821907bd61b0bd071535bd54d9c91761b85d04f42cb259f71
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
43dde84a087df2f9e63e09653ecaa4c5e1ef6ec7685822952628398fd1eee555
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
50e456fb15a879149b185246c96a3c4cc7391837b983706489ffc2e43fbab61c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6d85fd3aff51546470b8ed60e7d5643fd9e7d884b782c33a99e5d7ad857dd68b
6ffaf0383a0eae3e989c8169865cf46b0b8fc959cb5f40c4d2fcd6ba4ab60eb8
7054ff66a0f3a4240284cd3b77a35633da1a3709ce121d9b1806923837034f35
70605cca4a3aca54f952f58e5b6cd6df3f9e2a98bdf5d1af4b53a16055fc33f7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28
7c5c9fe1f509e7780602c22e5c7109da538647ab401025dec8a8693ea29f5b68
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9547499635769150f5c8600cf46c535517dd3bedba19dcc8ae8ec9dae9111504
992066e362ba2320abc25b9f21c154758fd33b4e5816beecff1504400c6a8c3a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
bcedab241702363d0912ffba0cf56196cc98907120d75ae35b9517a3715ac1a5
c8f8b1ee337b17f881ed5e451ba2297f57ecfbb109df1c28234d8dceae87d394
c942bc9924de0951ecbd4db023ba8878b48d9021da2e89e0dee88d0c796428aa
d649ec13da6d5234e90762a4a4e879a50ec86d50c2ebc062c3bc72ad161779eb
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e05fcaa9a2400efe4b2c27ade4293a8330b56436595b2889de7501aa2120d806
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f3bd840607d260d223d258e86549f935801bde142e77de4db7151324210fbe
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f889eb04059893bcf92cb7cbca2b6a2c1b156f46a2a569f5964dc946d9d28cbf
f9f023b8f3a2f166d56d7e8c36bcf681f61a181b4cabd7fd1c3850f04ca8b9e4
fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c
fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1

newyear.lugansk.info Open in urlscan Pro 2a02:4780:b:1237:0:2b88:1f42:7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

91 %HTTPS

74 %IPv6

19 Domains

28 Subdomains

25 IPs

7 Countries

1307 kBTransfer

2772 kBSize

22 Cookies

4 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newyear.lugansk.info Open in urlscan Pro
2a02:4780:b:1237:0:2b88:1f42:7 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

91 %
HTTPS

74 %
IPv6

19
Domains

28
Subdomains

25
IPs

7
Countries

1307 kB
Transfer

2772 kB
Size

22
Cookies

94 HTTP transactions
3 data transactions