www.t.ks.ua Open in urlscan Pro
88.198.13.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.ks.ua/
Effective URL:
http://www.t.ks.ua/
Submission: On November 25 via api (November 25th 2022, 2:33:48 am UTC) from GB — Scanned from GB

Summary HTTP 200 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 32 domains to perform 200 HTTP transactions. The main IP is 88.198.13.114, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.t.ks.ua.

This is the only time www.t.ks.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	88.198.13.114 88.198.13.114	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2 9	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6e::6	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	13.41.118.175 13.41.118.175	16509 (AMAZON-02) (AMAZON-02)
1	94.130.160.12 94.130.160.12	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
2	18.170.123.253 18.170.123.253	16509 (AMAZON-02) (AMAZON-02)
200	43

51 88.198.13.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-13-114.clients.your-server.de

t.ks.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.t.ks.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net

p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6e::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr1---sn-4g5ednsd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.118.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.160.12 (Karlsruhe, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.160.130.94.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.123.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	t.ks.ua 1 redirects t.ks.ua www.t.ks.ua	1 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	713 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 ad.doubleclick.net — Cisco Umbrella Rank: 168	167 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com csi.gstatic.com	237 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23672 ad4m.at — Cisco Umbrella Rank: 8597 assets.ad4m.at — Cisco Umbrella Rank: 32089	606 KB
14	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 3127 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83 clients1.google.com — Cisco Umbrella Rank: 531	171 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	236 KB
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 150647 i.bigmir.net — Cisco Umbrella Rank: 302041	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 16721 api.webgains.io — Cisco Umbrella Rank: 49334	31 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7898 www.google.de — Cisco Umbrella Rank: 5405	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 8545	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	3 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13556	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 681	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 83407 static-de.ad4mat.net — Cisco Umbrella Rank: 115873	4 KB
2	criteo.com cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8266 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10403	348 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40	20 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 48227	56 KB
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 88383	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39381	2 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 77449	517 B
1	googlevideo.com rr1---sn-4g5ednsd.googlevideo.com — Cisco Umbrella Rank: 93699	2 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1884	12 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1473	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 314	461 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1486	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 649	465 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 274	49 KB
1	criteo.net pix.eu.criteo.net — Cisco Umbrella Rank: 6719	46 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	693 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
200	32

	Domain	Requested by
50	www.t.ks.ua	www.t.ks.ua
28	tpc.googlesyndication.com	googleads.g.doubleclick.net www.t.ks.ua tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.t.ks.ua
16	pagead2.googlesyndication.com	www.t.ks.ua pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.google.com	2 redirects cse.google.com www.t.ks.ua googleads.g.doubleclick.net tpc.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	counter.yadro.ru	2 redirects www.t.ks.ua
3	i.bigmir.net	www.t.ks.ua
3	fonts.googleapis.com	www.t.ks.ua googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	1 redirects as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.t.ks.ua www.google-analytics.com
2	cse.google.com	www.t.ks.ua www.google.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	tm.simptrack.com	as.ad4m.at
1	track.webgains.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	rr1---sn-4g5ednsd.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.t.ks.ua
1	s0.2mdn.net	tpc.googlesyndication.com
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	cat.nl.eu.criteo.com	googleads.g.doubleclick.net
1	pix.eu.criteo.net	googleads.g.doubleclick.net
1	www.google.de	www.t.ks.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	www.t.ks.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	www.t.ks.ua
1	t.ks.ua	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
200	50

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
www.instagram.com
geotlon.com
top.bigmir.net
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 25 frames:

Primary Page: http://www.t.ks.ua/
Frame ID: FDB3F36E024DACBB900EA7F4F8450BCB
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 45D190F7592D004F101E07AC0B4B0070
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&adk=1812271804&adf=3025194257&lmt=1669342505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&pra=5&wgl=1&dt=1669343621324&bpp=24&bdt=830&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8717273140795&frm=20&pv=2&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=206
Frame ID: 06EC0F322AB092A461A86E1AB52DAF63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=280&slotname=2550412611&adk=849037746&adf=1104840411&pi=t.ma~as.2550412611&w=350&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&format=350x280&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669343621352&bpp=1&bdt=858&idt=184&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=i0NHMbDdWM&p=http%3A//www.t.ks.ua&dtd=190
Frame ID: 29AC74AB1CE8CEB19AFD239616FBC47C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=1307&slotname=4617354519&adk=1904281039&adf=2217611912&pi=t.ma~as.4617354519&w=380&cr_col=1&cr_row=13&fwrn=2&lmt=1669342505&rafmt=9&format=380x1307&url=http%3A%2F%2Fwww.t.ks.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&dt=1669343621353&bpp=1&bdt=859&idt=195&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rqIx0USHCp&p=http%3A//www.t.ks.ua&dtd=199
Frame ID: 49417269AA863737E7D03E12F03BAAC1
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html
Frame ID: E593D2ABB6C3B3658363E92AEA68C74C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CJ_zWhSmAY6KEJL6m9u8P3OeDuAvMx8-2bf3GufXWEKyAiaLRLxABIKuqyyVglQKgAcO2yJ8DyAEJqQLhXeT-VkWSPqgDAcgDSKoE7AFP0M33n__NjlU_L42txe8Q8tuxOK6tVcmnR4f9ZN7olPWv0uVBZKkP8mAuAdfCE2GuA4Ge965JjLfGaYtf8lssVQjNtkmnS-HK8MaXIxJkF1MgH0tckN62XYM3eC9mknmvS3a2zeuJiUliu2XToFBOmFsZef_BdwCrvaJPRWUa0d5-n6hXJ7VBE5JD96kGik2E-yM2vVvZvRCyRBZOtBns0NYp-EtNYk1U4EYe8OXW3LAIDOO140s3uG1XXB0LRNcvvnxRdi5yjO6K4GkFJ5YAsxWngSN176Z0A3FKTkjR0-O9qGZt1bwtYNsO0MAE0ISz-58EkgUECAQYAZIFBAgFGASgBi6AB8iZtpUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ84sM0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMzQxMDQ5MTUzMTQyMzU1MxgA&sigh=KEMriZiQleA&uach_m=[UACH]&cid=CAQSGwDq26N9hkpqD7Y-CGR76tuVOf7wh_f7wlIk7RgBIBM&template_id=419
Frame ID: AD75ACA0D5FBA07EF90F35723BC0509A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 581D748A9361D78BE0DB3668358D12E1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8
Frame ID: 74292437EFFD633FA59E7CB5F76905CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=50&adk=2162631557&adf=3803281417&pi=t.aa~a.1567046725~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x50&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307%2C1200x90&nras=3&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eOyuQZWsdT&p=http%3A//www.t.ks.ua&dtd=13
Frame ID: 411DC42D7C9AE12D61AC9777FEF33060
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: AE1FE63B9145C568F073B304A865B428
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7178F4E8A63CF097C291ED3CF9749F19
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D4664E95B77F618AD3AB142758B8E78
Requests: 2 HTTP requests in this frame

Frame: https://p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 4F12C7704ACBEDB33E06B95F7E2EE978
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CxiW1himAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTcAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISRSIHkFPgxYAOFn73H9Cdaeu4E5xMUf0jpC-YuCK9GlPOWlvnMr-ABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzQxMDQ5MTUzMTQyMzU1MxgA&sigh=0YTVEUNd76w&uach_m=[UACH]&cid=CAQSOwDq26N9g0uyrAwFBi538flN4QpyE3L0VtI5nQjYDaN42RDfnNFtImk36biMw4fZv4iTc7FJCUxJPRqRGAEgEw
Frame ID: C5A60697AEF5BA5A1107EDC0A989039A
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D
Frame ID: 84FB4F2B84E206FBC5D88847B3628723
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF1626F61ABB64E14D6553597286D5E0
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019
Frame ID: 3350ABCCDF1F6B6B29E4EE0834E650D5
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: D5929FC01CAB4872CB5DD5A7388C9010
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1601CA146A5D7275BC5A365FBF9F879E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 25EB1260AB9C6024A2C0B6604F8641BB
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Frame ID: 6FFA89D2C62265513000B9CAC0310701
Requests: 14 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 2A9E3971657B1377000AA419F01E569D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAF55FA2EB4CF8DC89D91C213B36044A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A7F0DD6DCED33E57EF972F8683EDD86
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости и события Херсона | Типичный Херсонпоиск

Page URL History Show full URLs

http://t.ks.ua/ HTTP 301
http://www.t.ks.ua/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

200
Requests

69 %
HTTPS

57 %
IPv6

32
Domains

50
Subdomains

43
IPs

8
Countries

5451 kB
Transfer

9102 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/typical.kherson.city

Search URL Search Domain Scan URL

URL: https://t.me/kherson_typical

Search URL Search Domain Scan URL

URL: https://www.instagram.com/typical_kherson/

Search URL Search Domain Scan URL

URL: http://geotlon.com/
Title: Geotlon

Search URL Search Domain Scan URL

URL: http://top.bigmir.net/report/16916894/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.ks.ua/ HTTP 301
http://www.t.ks.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

http://counter.yadro.ru/hit?t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314 HTTP 302
https://counter.yadro.ru/hit?t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314 HTTP 302
https://counter.yadro.ru/hit?q;t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGXhcsjFUznBxIOvb0rlBsM&google_cver=1&google_push=ASkJ3FaYG0uvWp_PeL4NL24Lmw1TpkbS4erR47nQgSNANz8QfVaIxNtu1-je1JUav-iQWRZrU6Pixt4J7KPpw6uRUsMNHiwhMx8A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGXhcsjFUznBxIOvb0rlBsM&google_cver=1&google_push=ASkJ3FaYG0uvWp_PeL4NL24Lmw1TpkbS4erR47nQgSNANz8QfVaIxNtu1-je1JUav-iQWRZrU6Pixt4J7KPpw6uRUsMNHiwhMx8A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeyEhbooSOi4fyqp5q__nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaYG0uvWp_PeL4NL24Lmw1TpkbS4erR47nQgSNANz8QfVaIxNtu1-je1JUav-iQWRZrU6Pixt4J7KPpw6uRUsMNHiwhMx8A

Request Chain 158

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC9Jy4quZlTyk5uQgTy95gY&google_cver=1&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqbh7SSZXNYiLABRa4-9rc6NkJev HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFWVzNCQUUtMU0tM1NDOA==&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqbh7SSZXNYiLABRa4-9rc6NkJev

Request Chain 159

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_cver=1&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoLVu6U1YgBYwcWa1XS3fK5thwawe4Xy23XqlBdm5T53cB-H68WooyUDQoijCmP24q HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoLVu6U1YgBYwcWa1XS3fK5thwawe4Xy23XqlBdm5T53cB-H68WooyUDQoijCmP24q&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_hm=Y4Aph5hS_t0y02c1vEgUFAAAArgAAAIB&google_nid=index&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoLVu6U1YgBYwcWa1XS3fK5thwawe4Xy23XqlBdm5T53cB-H68WooyUDQoijCmP24q

Request Chain 182

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPvFzs2lyPsCFVzbEQgdtKUJWw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669343624_94b020d0-6c69-11ed-9d10-2262c713b6c4

200 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.t.ks.ua/
Redirect Chain

http://t.ks.ua/
http://www.t.ks.ua/

84 KB
85 KB

153ms
86ms

Document
text/html

88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips / PHP/5.4.28

Resource Hash

afe6d9c79743607cf6c44a414e86776485315d2de751b73b2a78df16a90372e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: public, max-age=3600
Connection: Keep-Alive
Content-Language: ru
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Nov 2022 02:33:40 GMT
Etag: "1669342505-0"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 25 Nov 2022 02:15:05 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Transfer-Encoding: chunked
Vary: Cookie
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.4.28

Redirect headers

Cache-Control: max-age=1209600
Connection: Keep-Alive
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 25 Nov 2022 02:33:40 GMT
Expires: Fri, 09 Dec 2022 02:33:40 GMT
Keep-Alive: timeout=5, max=100
Location: http://www.t.ks.ua/
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css
www.t.ks.ua/sites/default/files/css/ 4 KB
2 KB 118ms
59ms Stylesheet
text/css 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/css/css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:36 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d80235-4d4-5e91a1656352b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1236
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK css_sE5EHrbMAlMWcKO0wTTDEp2Oa2elEJ56kkSg6Z66wto.css
www.t.ks.ua/sites/default/files/css/ 26 KB
5 KB 118ms
59ms Stylesheet
text/css 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/css/css_sE5EHrbMAlMWcKO0wTTDEp2Oa2elEJ56kkSg6Z66wto.css

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

b04e441eb6cc02531670a3b4c134c3129d8e6b67a5109e7a9244a0e99ebac2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d8052a-13b3-5e91a16c51bcb"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5043
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK css_mQHzyCUbJuOHLUhmRufizGGSYCMIj4oA8yOuIFDoBQU.css
www.t.ks.ua/sites/default/files/css/ 4 KB
2 KB 120ms
60ms Stylesheet
text/css 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/css/css_mQHzyCUbJuOHLUhmRufizGGSYCMIj4oA8yOuIFDoBQU.css

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

9901f3c8251b26e3872d486646e7e2cc61926023088f8a00f323ae2050e80505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d8052c-48d-5e91a16c9d2d3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1165
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css
www.t.ks.ua/sites/default/files/css/ 434 KB
53 KB 119ms
59ms Stylesheet
text/css 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

569508fadda24b4b0742cfb74ca39505b9fd421a4dea4ff2d1ff89c11c725917

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d8052e-d3d7-5e91a16cdaf1b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54231
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK modernizr-2.8.3.min.js Show response
www.t.ks.ua/sites/all/themes/tks/js/ 15 KB
16 KB 119ms
60ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/all/themes/tks/js/modernizr-2.8.3.min.js?riiagf

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Aug 2018 18:18:05 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "e60d7d-3c9a-573f60c0f2e95"
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15514
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
54 KB 149ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

713bdc80ea971bdc9f7248dac299dd53b5d9bc2972d0b323e5dbdee1edd48bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 55115
X-XSS-Protection: 0
Server: cafe
ETag: 6796772038831975460
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H/1.1 200
OK logo.png
www.t.ks.ua/sites/all/themes/tks/img/ 7 KB
7 KB 66ms
60ms Image
image/png 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/all/themes/tks/img/logo.png

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

b6e0878c3c6fbe81a1f3e2e7daca0bdf258dc07cf0112e80e8933a9a481252f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Aug 2018 18:18:01 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "e60d68-1afc-573f60bd82c8d"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6908
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 191 KB
57 KB 231ms
88ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3410491531423553

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a921ba0b6b1163adac8d09560dd148e884cc24e4222a2427c67b18a6e2811fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58120
x-xss-protection: 0
server: cafe
etag: 857180417778048150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H/1.1 200
OK photo_2022-11-24_23-32-49.jpg
www.t.ks.ua/sites/default/files/styles/front_left_big/public/ 66 KB
66 KB 65ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left_big/public/photo_2022-11-24_23-32-49.jpg?itok=ndohdv38

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

ce96c9fbe6e1af57617dbae46f1b78d9bbf12bd9112ef8e9f94eafeaf32a11e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Nov 2022 02:00:40 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8311-10641-5ee41e37ad836"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67137
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 1668938587_00240000-0aff-0242-bb69-08dac6293470_cx8_cy16_cw88_w1597_r1_s.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
5 KB 66ms
61ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/1668938587_00240000-0aff-0242-bb69-08dac6293470_cx8_cy16_cw88_w1597_r1_s.jpg?itok=zObZy9qc

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

25023e1a95968db342af417b8bfabdb3c0cc6dfbbd2d45dd1d742671b24fd113

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Nov 2022 01:08:55 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4886-138a-5ee04d0e196c2"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5002
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2784062_2.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 4 KB
5 KB 66ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2784062_2.jpg?itok=bCrpGbIO

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

df8c4486d8fc9fe5c893f617970c1714f71515f3f6c2afcfecb0708c99d00af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 20 Nov 2022 01:09:07 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee484b-11cb-5eddc95eeff2d"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4555
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK opera-znimok_2022-11-17_180125_i.obozrevatel.com_.png
www.t.ks.ua/sites/default/files/styles/front_left/public/ 28 KB
29 KB 103ms
61ms Image
image/png 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/opera-znimok_2022-11-17_180125_i.obozrevatel.com_.png?itok=PlQOZYpb

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

a93b022d478e603b61b9c334ed8d0141052bb8cee87eadaecc547d3498795ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 19 Nov 2022 03:39:27 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4836-710e-5edca91baf3b8"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 28942
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK stilianspai_315644593_1173533506925660_308679315178179706_n_0.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 3 KB
4 KB 105ms
64ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/stilianspai_315644593_1173533506925660_308679315178179706_n_0.jpg?itok=k_98qgIF

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

bf27ca0d93f4b2e9c8aaa0877fe3e49bf24833d07feb7652b354c8efd9e000dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Nov 2022 14:32:48 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4819-cb8-5edbf9471996b"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3256
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 38ae646-1zvilnenyi-herson.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 6 KB
6 KB 224ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/38ae646-1zvilnenyi-herson.jpg?itok=in4KUgQp

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

a70ad1cdc7e0a97c42939453cbd8040fa0f87263501035e3e9b19cc784173d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Nov 2022 01:40:09 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4800-1618-5edb4c9415cc2"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5656
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 82669515f0968ffb55dc100efe734a8b_0.jpeg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 4 KB
4 KB 176ms
61ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/82669515f0968ffb55dc100efe734a8b_0.jpeg?itok=3_8mDgJ1

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4e5a64d1c5c0398127f7bb242763533650de54fe648fa7d2b2ebba01a37382bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Nov 2022 02:17:31 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee47e2-ef2-5eda131043e1e"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3826
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK favbet.png
www.t.ks.ua/sites/default/files/styles/front_left/public/ 22 KB
23 KB 101ms
59ms Image
image/png 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/favbet.png?itok=WhEH8655

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

1d2572ac30e71516debd607825bdf91a2f02e482692613a6bbb6ce81089a5633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 00:06:55 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4793-59ce-5ed772242c6c9"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22990
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2782094.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
5 KB 220ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2782094.jpg?itok=vO9a9JzF

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

15e1997fb68901ba622544565a8882859e0b5670a4cf689bbff7d29dea2cccf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Nov 2022 00:16:40 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4711-138b-5ed26cdc9448f"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5003
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2781775.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
6 KB 194ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2781775.jpg?itok=r5Db8Xlu

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

eb7e3e9cb4b00e5580caf5ec176ed75d9749bc80107fdaf4aa8c18249cf59cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Nov 2022 01:03:52 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee46f5-144e-5ed1358b87c7c"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5198
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2781476.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 6 KB
7 KB 131ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2781476.jpg?itok=iEKWVwio

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

46fd6c4e6eaf4d084c565ba43ec3525913690d5e99f8fbfb8b0248d559ff989f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Nov 2022 23:01:57 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee46e1-1886-5ecfd86dc53b8"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6278
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK photo_2022-11-03_17-43-18.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 4 KB
5 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/photo_2022-11-03_17-43-18.jpg?itok=V0RpAu56

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4b309ae6bbbb879100d05ef9a1ee210c17bf6d657ee5d43c51d4e74ebad3f781

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 04 Nov 2022 01:18:26 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4649-1193-5ec9ad9cff984"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4499
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 1667282069_1667282045026.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 30 KB
31 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/1667282069_1667282045026.jpg?itok=XacgMwTJ

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

469171b75ac4d836541714abeec16f190e8e00d8929d74153cedaec1eb49dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Nov 2022 01:19:24 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4610-792a-5ec72a190da62"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 31018
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 21_main-v1615976907_2.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
5 KB 62ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/21_main-v1615976907_2.jpg?itok=xxjRTibT

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

5184bb70fac12bf60208ea96ec7b4959417b2179d7194dddd3d30dd020d45854

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Nov 2022 02:08:46 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee45fb-13a6-5ec5f34427bdd"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5030
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
52 KB 246ms
106ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d25965501ec6ae33a97414b953001e70ac1e66e5716fd9ee7588681abb6a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52337
x-xss-protection: 0
server: cafe
etag: 6853388786888693953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H/1.1 200
OK 1668286914_filestoragetemp71.jpg
www.t.ks.ua/sites/default/files/styles/front_left_big/public/ 26 KB
27 KB 60ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left_big/public/1668286914_filestoragetemp71.jpg?itok=Kex8qC-W

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

97ab169d2db3ee9ebd5277036a98d60a62bd2be77da2d79920b5acde63da6b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Nov 2022 23:32:50 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb817d-6934-5ed4e6cb57977"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 26932
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 733547_0.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
6 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/733547_0.jpg?itok=eAD9wote

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

d15d58ca40e8ec45c2a3954cb34f789d02dd3eac779e561f12373e2e23d24231

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 12 Nov 2022 23:32:50 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee474b-14c2-5ed4e6cb4f0bf"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5314
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 4629e6cf8655d5c7271f4d69_2.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
6 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/4629e6cf8655d5c7271f4d69_2.jpg?itok=ctmB7PjR

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

696a78169197b31f64edb45beaf947deee34606c3d425da93a08d3c4d7754589

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Oct 2022 13:21:28 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee448c-14a3-5eb4ef8396289"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5283
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2774634.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 7 KB
8 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2774634.jpg?itok=q7hEVR9B

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

d176470e3d0236f8833574feaff246be41e4a93f1728e85d14c999f2e14c756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Oct 2022 13:22:19 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee448d-1dc6-5eb4efb519f09"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7622
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 736231.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 6 KB
6 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/736231.jpg?itok=J_IK8jNw

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

1868049c86b74df4a0068fc3b509c93dd88c501ea362c21d32eeb590c7dc1a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Nov 2022 22:51:39 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee48db-181b-5ee3f3f7f412f"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 6171
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 1669120240_1669120214096.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 32 KB
33 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/1669120240_1669120214096.jpg?itok=_3EnVpfZ

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

0dc7e48f116bb627976cc0d34cc46eebfc26fde013aea8360239cebaa5ab278d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Nov 2022 01:51:52 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee48b0-8096-5ee19884fe6a3"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 32918
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 4a069ffef3dfb7989a8fd3fa.jpeg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
5 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/4a069ffef3dfb7989a8fd3fa.jpeg?itok=f2oBk2Ii

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

f5000b2170b5f39bae32246462d83608ddad8561f2cec98119006a78b0b70c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Nov 2022 01:51:52 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee48af-1377-5ee19884fb3db"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4983
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 2784565.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 4 KB
4 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/2784565.jpg?itok=RBwWTlwD

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

7c2bfadd7aa869112d76d5ecf240d9bc18cd51225eb2e1dd0a98a9b01872eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Nov 2022 13:55:20 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4893-1014-5ee0f85d689dd"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4116
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK chorna-pyatnyczya.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 7 KB
8 KB 61ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/chorna-pyatnyczya.jpg?itok=z5L7hLUC

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

61be0314c7b04e8e810a0e6e4e0fc63487b3a5455b75b1ebeef6d84a3b64432b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Nov 2022 03:09:58 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4890-1da5-5ee0681cdcda6"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7589
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 1dipad4lfoizdvnwcipygzupqmntvrfkl7cp28iq.jpg
www.t.ks.ua/sites/default/files/styles/front_left/public/ 5 KB
5 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_left/public/1dipad4lfoizdvnwcipygzupqmntvrfkl7cp28iq.jpg?itok=cx-pB2Oa

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

960946a781edab37b15e1662e2c20f18160f8d14554a8bdf7a565a3124a9d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Nov 2022 00:42:16 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ee4884-1263-5ee04719b19ea"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4707
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK dashaamasha.jpg
www.t.ks.ua/sites/default/files/styles/front_big1/public/ 57 KB
57 KB 60ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_big1/public/dashaamasha.jpg?itok=4_gSGFeC

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

f155b93e1cd3ee48f9a1f343cd2b9ba27e7dc2b759cf3056ca6cc56627c1850e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jul 2022 11:47:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb7453-e3ab-5e39a3c727272"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 58283
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK bez_nazvaniya_12_-_kopiya.jpg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 3 KB
4 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/bez_nazvaniya_12_-_kopiya.jpg?itok=yae5bNjq

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

e67a15b4dd3c754b3dd32ae812ed806f30dd5d1120563f98a29b1f29f4b8235d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jul 2022 11:47:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb7452-db3-5e39a3c7233f2"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3507
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 5ae00c3-kherson-2.jpg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 4 KB
4 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/5ae00c3-kherson-2.jpg?itok=TX09HrdA

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4496a05457fdfdcc6937d4015c25d674c275cb18006c24ba91ec66225f0baf00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Jul 2022 22:06:47 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ea069c-1011-5e3161195b455"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4113
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK photo_2022-06-19_10-00-55.jpg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 3 KB
3 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/photo_2022-06-19_10-00-55.jpg?itok=YLb2TmUN

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4ce8b8ca1149aa43c314ad2e5540442f1505f719a689a39070c70bc3bfc50075

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 27 Jun 2022 23:12:51 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "ea05c6-b8e-5e2760f276458"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2958
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK photo_2022-11-24_23-32-49.jpg
www.t.ks.ua/sites/default/files/styles/front_big1/public/ 55 KB
56 KB 60ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_big1/public/photo_2022-11-24_23-32-49.jpg?itok=9cbgh-fr

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

c7991e3b3598403f179f354998a394b330ce84dca1622ebdb3c291e8306f9e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Nov 2022 02:00:41 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8313-dd4f-5ee41e386f5c6"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 56655
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK cfa4d4a7fdbdd4e522aac12414f49476_1.jpeg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 3 KB
3 KB 60ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/cfa4d4a7fdbdd4e522aac12414f49476_1.jpeg?itok=9gVrNAcK

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

2561a7819cf43b74144d7c45e48ca4c9b0a450d9fd862c262049e8b62848ff4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Nov 2022 02:00:41 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8312-b70-5ee41e385a5d6"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2928
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 38ae646-1zvilnenyi-herson.jpg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 4 KB
5 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/38ae646-1zvilnenyi-herson.jpg?itok=P69tDvKK

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

d65de336244f8307a9e8547d2718a0e6602ac0e2ea692536383982a5a1ea1e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 20 Nov 2022 03:55:24 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8281-108b-5eddee89aebcc"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 4235
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK 734907.jpg
www.t.ks.ua/sites/default/files/styles/front_small1/public/ 3 KB
3 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/front_small1/public/734907.jpg?itok=98vVmVVn

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

410c2508afb1dbf9d2f2c342e2f7249c24bbc455645939162a17ae1224e47a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Nov 2022 01:46:12 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb822d-adf-5edb4dee470aa"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2783
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK photo_2022-11-24_23-32-49.jpg
www.t.ks.ua/sites/default/files/styles/left_list/public/ 26 KB
26 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/left_list/public/photo_2022-11-24_23-32-49.jpg?itok=OOCrHFLX

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

ca89bbbe6fb8be3711ac0298e90d876e0022c17bc20a40f1f57f20f35da4ea24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Nov 2022 00:13:36 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb830b-6630-5ee4064902c17"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 26160
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK opera-znimok_2022-11-24_205135_www.google.com_.png
www.t.ks.ua/sites/default/files/styles/left_list/public/ 220 KB
220 KB 60ms
59ms Image
image/png 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/left_list/public/opera-znimok_2022-11-24_205135_www.google.com_.png?itok=-JY7tcpU

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

18e2cc14164a8d4d30c7ef8867c6383a19bbe1c70f8f1cbcd7bd4ac091a8dcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Nov 2022 23:29:53 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8307-3700c-5ee3fc8398b1f"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 225292
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK kokul2.jpg
www.t.ks.ua/sites/default/files/styles/left_list/public/ 24 KB
24 KB 60ms
60ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/left_list/public/kokul2.jpg?itok=GnF23JDw

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

68c4a1f7b18f258d08a290c774ec8b32558bd3d8716594fd8f3bcc44a4825d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Nov 2022 23:29:52 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb8306-5f3b-5ee3fc83721ef"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 24379
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK original-1.jpg
www.t.ks.ua/sites/default/files/styles/left_list/public/ 23 KB
24 KB 59ms
59ms Image
image/jpeg 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/default/files/styles/left_list/public/original-1.jpg?itok=yWpeUSRD

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

a9eae05f9b1cd72045348f904de28ce4b3f6272ba649047cd0a2d6b8c2fd051c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Nov 2022 00:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "eb82e7-5c44-5ee2c5151cef8"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 23620
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H/1.1 200
OK js_hnMzUoFgH3luRyvCzTEKnhdNsGCAefVulZ861JrAwjc.js Show response
www.t.ks.ua/sites/default/files/js/ 113 KB
40 KB 60ms
59ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/js/js_hnMzUoFgH3luRyvCzTEKnhdNsGCAefVulZ861JrAwjc.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

8673335281601f796e472bc2cd310a9e174db0608079f56e959f3ad49ac0c237

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d80532-9d81-5e91a16def8e3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 40321
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK js__7Mjvj_fIAGoauK0xklylKBUIHrCcijyT8yucEi2E0o.js Show response
www.t.ks.ua/sites/default/files/js/ 44 KB
15 KB 60ms
60ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/js/js__7Mjvj_fIAGoauK0xklylKBUIHrCcijyT8yucEi2E0o.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

ffb323be3fdf2001a86ae2b4c6497294a054207ac27228f24fccae7048b6134a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d80537-3aa3-5e91a16e1c7a3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15011
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK js_xGqoKWTWVtrHlRNammNd9ioIf9QwWwGgDJpcE2GBhoY.js Show response
www.t.ks.ua/sites/default/files/js/ 61 KB
15 KB 60ms
59ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/js/js_xGqoKWTWVtrHlRNammNd9ioIf9QwWwGgDJpcE2GBhoY.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

c46aa82964d656dac795135a9a635df62a087fd4305b01a00c9a5c1361818686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d80539-3a8b-5e91a16e296ab"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14987
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK js_ue8hMLZgNympPmmA7eXpKYBBdGt3hEiSbwjNQ1OIcBY.js Show response
www.t.ks.ua/sites/default/files/js/ 13 KB
5 KB 60ms
59ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/js/js_ue8hMLZgNympPmmA7eXpKYBBdGt3hEiSbwjNQ1OIcBY.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

b9ef2130b6603729a93e6980ede5e9298041746b778448926f08cd4353887016

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:46 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d8053b-10d9-5e91a16e4b1bb"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4313
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H/1.1 200
OK js_SlC6WMrAYstPiVTjHAkYwvnhORYM7eWRIPSvCEleVbU.js Show response
www.t.ks.ua/sites/default/files/js/ 213 KB
58 KB 60ms
59ms Script
text/javascript 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/default/files/js/js_SlC6WMrAYstPiVTjHAkYwvnhORYM7eWRIPSvCEleVbU.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4a50ba58cac062cb4f8954e31c0918c2f9e139160cede59120f4af08495e55b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 11:25:46 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "d8053d-e5c7-5e91a16e86adb"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58823
Expires: Fri, 09 Dec 2022 02:33:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 195ms
68ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ceb8512ba4f6cb86b43afdc75dcb5be3bbe829c7eee14a23143754c890f069b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 02:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 02:33:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 02:33:40 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 191ms
59ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 469090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:15:31 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 221ms
84ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=014534538706099257956:vjgkak8nfma

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

92f8ce85449681fac03962b2e3dfec8e91f25310f0329975b915a92fc26fe4af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3519
x-xss-protection: 0
bfcache-opt-in: unload
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 301ms
195ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 01:24:30 GMT
x-content-type-options: nosniff
age: 90551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:24:30 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.t.ks.ua/sites/all/themes/tks/fonts/ 65 KB
66 KB 78ms
60ms Font
text/plain 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.t.ks.ua/sites/all/themes/tks/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Aug 2018 18:17:58 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "e41046-10440-573f60ba6f6e5"
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 66624
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 261ms
155ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 276126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 21:51:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 288ms
182ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 109396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:10:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 274ms
169ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 566328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 13:14:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 304ms
202ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:02:01 GMT
x-content-type-options: nosniff
age: 286300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 19:02:01 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 206ms
85ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.bigmir.net/?o1&v16918485&s16916894&t0&c1&n683981&w0&y0&d24&r1600
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: df7fe6d3f845c72be37a0a00c032557df76fed34ca0dbb0800958cd098cb94d3

Request headers

Referer: http://www.t.ks.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:33:41 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK views.png
www.t.ks.ua/sites/all/themes/tks/img/ 4 KB
4 KB 59ms
59ms Image
image/png 88.198.13.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.t.ks.ua/sites/all/themes/tks/img/views.png

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css

Protocol

HTTP/1.1

Server

88.198.13.114 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-13-114.clients.your-server.de

Software

Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips /

Resource Hash

00253d12eb17d0981a715829e3e964da2558163faf0cff1af61ef09c77bf8e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/sites/default/files/css/css_VpUI-t2iS0sHQs-3TKOVBbn9QhpN6k_y0f-JwRxyWRc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Aug 2018 18:18:02 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
ETag: "e60d6d-fbf-573f60be23ac5"
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4031
Expires: Fri, 09 Dec 2022 02:33:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 298ms
221ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 281038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:29:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 210ms
138ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.t.ks.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 595452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:09:29 GMT

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 306 KB
101 KB 189ms
66ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014534538706099257956:vjgkak8nfma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3d3d83aaf2318852fe2f9ffae5d031444e48a76e9ef1998a64763e43772fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103735
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 22 Nov 2023 18:07:38 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 180ms
58ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014534538706099257956:vjgkak8nfma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 23:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 24 Nov 2023 23:20:55 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 179ms
57ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014534538706099257956:vjgkak8nfma

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 25 Nov 2022 03:17:47 GMT

GET
H/1.1 200
OK b53_left.gif
i.bigmir.net/cnt/samples/default/ 319 B
644 B 206ms
82ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:26 GMT
Server: nginx
ETag: "45b60a32-13f"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 319
Expires: Mon, 28 Nov 2022 02:33:41 GMT

GET
H/1.1 200
OK b53_center.gif
i.bigmir.net/cnt/samples/default/ 96 B
419 B 199ms
85ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:25 GMT
Server: nginx
ETag: "45b60a31-60"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 96
Expires: Mon, 28 Nov 2022 02:33:41 GMT

GET
H/1.1 200
OK b53_right.gif
i.bigmir.net/cnt/samples/default/ 319 B
644 B 191ms
86ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Last-Modified: Tue, 23 Jan 2007 13:14:26 GMT
Server: nginx
ETag: "45b60a32-13f"
Content-Type: image/gif
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 319
Expires: Mon, 28 Nov 2022 02:33:41 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314
https://counter.yadro.ru/hit?t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314
https://counter.yadro.ru/hit?q;t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314

478 B
964 B

94ms
94ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

95d4ea5463057c045e171149c12b5a17be2303d7778837d2ea0823f3d2419ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:33:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 478
Expires: Wed, 24 Nov 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:33:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t23.6;r;s1600*1200*24;uhttp%3A//www.t.ks.ua/;0.5669591968678314
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 24 Nov 2021 21:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
58ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4667
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 25 Nov 2022 03:15:54 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3410491531423553&plah=www.t.ks.ua&bust=31070923

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 15994130142540813998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 45D1 10 KB
5 KB 179ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:45 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 15:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
693 B 186ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.t.ks.ua&callback=_gfp_s_&client=ca-pub-3410491531423553&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3410491531423553&plah=www.t.ks.ua&bust=31070923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39c3199eff9b1020fae0557cddd4351daae3625dee31e20057faf9c9b4ba7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
67ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.t.ks.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 191ms
70ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.t.ks.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06EC 324 KB
73 KB 858ms
858ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&adk=1812271804&adf=3025194257&lmt=1669342505&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&pra=5&wgl=1&dt=1669343621324&bpp=24&bdt=830&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8717273140795&frm=20&pv=2&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=206

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d985fb91961b3e7b04bb79c6d016bbcecc137968d82580ae4cf90df7faf2278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 74436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29AC 136 KB
44 KB 567ms
567ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=280&slotname=2550412611&adk=849037746&adf=1104840411&pi=t.ma~as.2550412611&w=350&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&format=350x280&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669343621352&bpp=1&bdt=858&idt=184&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=i0NHMbDdWM&p=http%3A//www.t.ks.ua&dtd=190

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bc43b6c6655fcd86ceb8e9b8f8993678ecccac8e26d189721c9bbe9ecace9f8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLaysylyPsCFT6T_Qcd3PMAtw&gqi=hSmAY-eNI4ik9u8PuO6f8AY&layout=/sadbundle/%24csp%253Der3%24/14126602109499295128/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44523
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COLaysylyPsCFT6T_Qcd3PMAtw&gqi=hSmAY-eNI4ik9u8PuO6f8AY&layout=/sadbundle/%24csp%253Der3%24/14126602109499295128/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4941 68 KB
22 KB 318ms
202ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=1307&slotname=4617354519&adk=1904281039&adf=2217611912&pi=t.ma~as.4617354519&w=380&cr_col=1&cr_row=13&fwrn=2&lmt=1669342505&rafmt=9&format=380x1307&url=http%3A%2F%2Fwww.t.ks.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&dt=1669343621353&bpp=1&bdt=859&idt=195&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rqIx0USHCp&p=http%3A//www.t.ks.ua&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9fb9bb128e8299eac2601e1ae2c23c9d48f0e419cdbfed6992a66f12060e3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22482
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:41 GMT
expires: Fri, 25 Nov 2022 02:33:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 116ms
63ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__ru.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53665a9b0832229b53057b3e5817ef47084c697ef885b89cda4352d3b4adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "12232290828157512305"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Fri, 25 Nov 2022 02:33:41 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 173ms
57ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 12:48:40 GMT
x-content-type-options: nosniff
age: 481501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 19 Nov 2023 12:48:40 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 113ms
56ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:33:41 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 170ms
61ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=407262673&t=pageview&_s=1&dl=http%3A%2F%2Fwww.t.ks.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B0%20%7C%20%D0%A2%D0%B8%D0%BF%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=352068486&gjid=1236775676&cid=223956522.1669343622&tid=UA-367178-54&_gid=689049503.1669343622&_r=1&_slc=1&z=1747007062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.t.ks.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.t.ks.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 167ms
55ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-367178-54&cid=223956522.1669343622&jid=352068486&gjid=1236775676&_gid=689049503.1669343622&_u=YAhAAEAAAAAAACAAI~&z=790574052

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.t.ks.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 02:33:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.t.ks.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 4941 9 KB
5 KB 172ms
54ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=1307&slotname=4617354519&adk=1904281039&adf=2217611912&pi=t.ma~as.4617354519&w=380&cr_col=1&cr_row=13&fwrn=2&lmt=1669342505&rafmt=9&format=380x1307&url=http%3A%2F%2Fwww.t.ks.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&dt=1669343621353&bpp=1&bdt=859&idt=195&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rqIx0USHCp&p=http%3A//www.t.ks.ua&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4941 2 KB
846 B 192ms
74ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H2 200 0ebba04b8c9cd003a59dc958d7db6169.js Show response
www.gstatic.com/mysidia/ Frame 4941 22 KB
9 KB 174ms
56ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0ebba04b8c9cd003a59dc958d7db6169.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed06e8f62a4e88cfb2c286a6d068c158d4a69fa802074ed12c90ad8e786e03e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9472
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 09:38:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4941 23 KB
10 KB 175ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4941 3 KB
1 KB 173ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4941 18 KB
7 KB 183ms
66ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4941 154 KB
48 KB 195ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-367178-54&cid=223956522.1669343622&jid=352068486&_u=YAhAAEAAAAAAACAAI~&z=443134713

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 190ms
67ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-367178-54&cid=223956522.1669343622&jid=352068486&_u=YAhAAEAAAAAAACAAI~&z=443134713

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4941 46 KB
46 KB 173ms
58ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12328&q=80&r=0&u=https%3A%2F%2Fstatic.vangraaf.com%2Fimg%2F_pdmain-bust_551721-0005_bustfront_1.jpg&ups=1&v=3&w=800&s=iYHuCkOfmPMv7q3GGjLcM9x4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

43ed4248a4fb3b2b3969c043d4be1aa77903eb9fc0b0ee28ad612b03514af8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=384358
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47272
expires: Tue, 29 Nov 2022 13:19:40 GMT

GET
H2 200 lgn.php Show response
cat.nl.eu.criteo.com/delivery/ Frame 4941 43 B
348 B 284ms
53ms Fetch
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=48Ujrn7IzjAHN38uvvQwnpdJ1dFEc0Bo3l239eg6hXpihvpSdClkK8SZZIgfPciBoYOpPCkWiypug_RY-__ZFqFu6sWBmCCOw8NUoqTUUZOSUGEHy_yWmSki8E_OL2WEi9oruZYMwI02DmUM8Y-9-zrW733Gid_XyuYGpLXFGuX-YVp_Chnogm8JDeICHuto5WDE6_mnjgXhafqdh9N1wl_MGUvIHsrGgRY0P6Q0Qx9apXad6tb09x26IU6tZxwU4jxPXGqVrp3RpRRs9wMjZVA6rFYmnOeqB2YDdv3R2-kAM6Qzgd_caH1BUGSt9NMDWd4xABKkejUL4OR5AORcZEHHqjFnLAUUbZKcBKLsfM1sWSMJAjJqPOpsLy62GQLwxWuBouwmr6MkYmZS6s0iaLhchdQXvaA6G9Ta8amJZdNswQuA&z=Y4AphQAK3LIH_aA5AA0Lu9-uwHNEjqHsEs-SAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4265059
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4941 0
0 181ms
55ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kL2bDYrGMAAAnYNiAgIAAABfXj4NxaMjrhCFKYBjAthOqxbgVUKQO4QAEgMB&wp=Y4AphQAK3LIH_aA5AA0Lu9-uwHNEjqHsEs-SAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 246228
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4941 0
0 96ms
95ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVC2VhSmAY7K5K7nA9u8Pu5e0uA7JntKxXPWR3r6xAcCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpAu9kQzshd7E-qAMBqgTdAU_QbLzwPArEdOPuj7tz0zNM86psLHWQ7BRsRzHmpyPMIu5x6pOk2BFRh7ExI4POsuJNGQbOIkt3Qe5pRGwnoR6SfP47ggDVx6atGo6xoDupi194-F2fvNFp2J1P5PI3kxrJpW84c_rlLO6OCXubqE0rFvN_Kwm01ulJ8jmSpf5V0aziQxFp5r7ahqGjIqYXsIm_84S7ynd5gGLhgDa4CpsV6pRdxU5bJ6mIu-ldcE3DWIOdnB06ZZjVrVHg8mIG8RHPshoFPLqaCmq8xAyRyIenCvfVWubxC2sLmd_agAbil7yVnOvs_X2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM0MTA0OTE1MzE0MjM1NTMYAA&sigh=xK--K0Wewc4&uach_m=[UACH]&cid=CAQSGwDq26N9M7l5eyTuGSpBwqg-m_1a_QD8qTw1EhgBIBM&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=1307&slotname=4617354519&adk=1904281039&adf=2217611912&pi=t.ma~as.4617354519&w=380&cr_col=1&cr_row=13&fwrn=2&lmt=1669342505&rafmt=9&format=380x1307&url=http%3A%2F%2Fwww.t.ks.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&dt=1669343621353&bpp=1&bdt=859&idt=195&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rqIx0USHCp&p=http%3A//www.t.ks.ua&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4941 0
0 104ms
103ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFbBDhSmAY7K5K7nA9u8Pu5e0uA7JntKxXPWR3r6xAcCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpAu9kQzshd7E-qAMByAMCqgTdAU_QbLzwPArEdOPuj7tz0zNM86psLHWQ7BRsRzHmpyPMIu5x6pOk2BFRh7ExI4POsuJNGQbOIkt3Qe5pRGwnoR6SfP47ggDVx6atGo6xoDupi194-F2fvNFp2J1P5PI3kxrJpW84c_rlLO6OCXubqE0rFvN_Kwm01ulJ8jmSpf5V0aziQxFp5r7ahqGjIqYXsIm_84S7ynd5gGLhgDa4CpsV6pRdxU5bJ6mIu-ldcE3DWIOdnB06ZZjVrVHg8mIG8RHPshoFPLqaCmq8xAyRyIenCvfVWubxC2sLmd_agAbil7yVnOvs_X2gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM0MTA0OTE1MzE0MjM1NTMYAA&sigh=05sY5SSg9pg&uach_m=[UACH]&cid=CAQSGwDq26N9M7l5eyTuGSpBwqg-m_1a_QD8qTw1EhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=1307&slotname=4617354519&adk=1904281039&adf=2217611912&pi=t.ma~as.4617354519&w=380&cr_col=1&cr_row=13&fwrn=2&lmt=1669342505&rafmt=9&format=380x1307&url=http%3A%2F%2Fwww.t.ks.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&dt=1669343621353&bpp=1&bdt=859&idt=195&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=605&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rqIx0USHCp&p=http%3A//www.t.ks.ua&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
DATA 200
OK truncated
/ Frame 4941 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cfc0069c089bd3f50038c21d1ecd6698535e33c7837863677c28059da652c5a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/ Frame E593 3 KB
1 KB 60ms
60ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fddeb4bb412a8dd0afe2d9573cd09e750c422c2c7c0c166c581116096dc1ee33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1350
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 18:24:32 GMT
expires: Fri, 24 Nov 2023 18:24:32 GMT
last-modified: Thu, 24 Nov 2022 16:53:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD75 0
0 104ms
103ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ_zWhSmAY6KEJL6m9u8P3OeDuAvMx8-2bf3GufXWEKyAiaLRLxABIKuqyyVglQKgAcO2yJ8DyAEJqQLhXeT-VkWSPqgDAcgDSKoE7AFP0M33n__NjlU_L42txe8Q8tuxOK6tVcmnR4f9ZN7olPWv0uVBZKkP8mAuAdfCE2GuA4Ge965JjLfGaYtf8lssVQjNtkmnS-HK8MaXIxJkF1MgH0tckN62XYM3eC9mknmvS3a2zeuJiUliu2XToFBOmFsZef_BdwCrvaJPRWUa0d5-n6hXJ7VBE5JD96kGik2E-yM2vVvZvRCyRBZOtBns0NYp-EtNYk1U4EYe8OXW3LAIDOO140s3uG1XXB0LRNcvvnxRdi5yjO6K4GkFJ5YAsxWngSN176Z0A3FKTkjR0-O9qGZt1bwtYNsO0MAE0ISz-58EkgUECAQYAZIFBAgFGASgBi6AB8iZtpUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ84sM0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMzQxMDQ5MTUzMTQyMzU1MxgA&sigh=KEMriZiQleA&uach_m=[UACH]&cid=CAQSGwDq26N9hkpqD7Y-CGR76tuVOf7wh_f7wlIk7RgBIBM&template_id=419

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=280&slotname=2550412611&adk=849037746&adf=1104840411&pi=t.ma~as.2550412611&w=350&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&format=350x280&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669343621352&bpp=1&bdt=858&idt=184&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=i0NHMbDdWM&p=http%3A//www.t.ks.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame AD75 23 KB
9 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=280&slotname=2550412611&adk=849037746&adf=1104840411&pi=t.ma~as.2550412611&w=350&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&format=350x280&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669343621352&bpp=1&bdt=858&idt=184&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=i0NHMbDdWM&p=http%3A//www.t.ks.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AD75 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AD75 18 KB
7 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD75 154 KB
47 KB 176ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E593 6 KB
3 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Nov 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E593 34 KB
13 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 25 Nov 2022 09:40:58 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E593 186 KB
49 KB 189ms
66ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 m_300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/ Frame E593 154 KB
26 KB 64ms
63ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/m_300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18233c5aa4dd4d91650aa3a31fe1ea53d77ae6fa6affb879675f2cfc8729ef02

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 18:24:33 GMT
age: 29349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26424
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 16:53:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 18:24:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 581D 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=280&slotname=2550412611&adk=849037746&adf=1104840411&pi=t.ma~as.2550412611&w=350&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&format=350x280&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669343621352&bpp=1&bdt=858&idt=184&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1005&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=i0NHMbDdWM&p=http%3A//www.t.ks.ua&dtd=190
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AD75 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a31fdff5fbc7ff3724bbeab376295b45c7d2c3edceee9c1c742373cafc0da7c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 581D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
71ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js?bust=31070923

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

790082e0d7a95987417ab26e229da916eb4e43693be4544a390eee1d23255666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52286
x-xss-protection: 0
server: cafe
etag: 11845637822931053480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 179ms
67ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.t.ks.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 181ms
66ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.t.ks.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7429 31 KB
12 KB 256ms
255ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21e30797be1d6efeb7b39bbedd43c2e906cf358583cdb55d3224e2b0ce92320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12633
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 411D 436 B
232 B 192ms
191ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=50&adk=2162631557&adf=3803281417&pi=t.aa~a.1567046725~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x50&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307%2C1200x90&nras=3&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eOyuQZWsdT&p=http%3A//www.t.ks.ua&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f6cc6c199a7d9eaa5715bae492f3c3eb4969e70e4bb03da44b151226a0c68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame AE1F 10 KB
4 KB 57ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 7178 10 KB
4 KB 57ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m_300x250_atlas_P_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/ Frame E593 56 KB
56 KB 58ms
57ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/m_300x250_atlas_P_.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fab8a98dcb7a5f6e8e7e8d21739e2f4fa7c381ac062193ef5e9e8e19d0c347f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 24 Nov 2022 18:24:34 GMT
x-content-type-options: nosniff
age: 29348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57642
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 16:53:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 18:24:34 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame E593 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 18:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 18:46:54 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame AE1F 4 KB
636 B 181ms
67ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 01:39:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE1F 205 B
229 B 163ms
54ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:51:03 GMT
x-content-type-options: nosniff
age: 13359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Nov 2023 22:51:03 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE1F 604 B
628 B 162ms
54ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:06:35 GMT
x-content-type-options: nosniff
age: 19627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Nov 2023 21:06:35 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame AE1F 19 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:37:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7178 0
0 108ms
108ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGfHQhSmAY4msI-669u8PwJyN8Aut777GbZDS4u2AEYy0zKehNxABIKuqyyVglQKgAbKKwaoByAECqQIVqOM0cCipPqgDAcgDyQSqBOQBT9DljjuVWvBRXflfqmKRxITieOY-9cjzzcVcGyOEVECIQGdMCKFUNIFvN1LLQRHMZdS3JP8-NM71ww_sv2OAyZED1Ea0YeE7B_hYeLmZb_9BLxKMrvLx7I70D8iAjn4wFDzTqZgQeCysDdu1wCsdtWcod8iV64HZbNAAKWF3sB4VFPte3A8Ct82MmjTXY8hGB579wqDLTwSl0P7WoMPWpvInG0F8LdZvvb3zZf3i0r5jR2RgcmRg8vtViMqSYoNNjQo_q2WQz7cwMR3RhixbNI2d8a0YEWfGcMIFpLHBkcd85CFXwATBu63loQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAnibSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDEwNDkxNTMxNDIzNTUzGAA&sigh=9caGP0GJgk0&uach_m=[UACH]&cid=CAQSGwDq26N9gLBjyA2XExUZQi06n9I58oywteDhOBgBIBM

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7178 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 1482375935676940905
tpc.googlesyndication.com/daca_images/simgad/ Frame 7178 26 KB
26 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1482375935676940905

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a8cbf423114b8e55bb3fc67b63cf6deaf486a9a1c664a0f76e53fc3d418189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 05:21:24 GMT
x-content-type-options: nosniff
age: 76338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26826
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 21:20:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 05:21:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7178 3 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7178 18 KB
7 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7178 154 KB
47 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7178 34 KB
13 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 04:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 04:20:15 GMT

GET
H3 200 m_300x250_atlas_NP_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/ Frame E593 67 KB
67 KB 58ms
58ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14126602109499295128/m_300x250_atlas_NP_.jpg

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a1ae5957cbfaaa280beadb9092f5ca54fccc08c7e8c28593719b15d4e4652a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 24 Nov 2022 18:24:35 GMT
x-content-type-options: nosniff
age: 29347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69070
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 16:53:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 18:24:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D46 143 B
166 B 58ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4F12 247 B
963 B 201ms
61ms Document
text/html 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

07e7914cf2ee5ea4186da1747da6838796eef3b14d6982406bb6ace5ea86d37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-Ex994wCEfBr-ILSEGqhDsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7178 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6336ae55f705a74f404c11504163e64dac974f6b722ca38a03dee56e2b6f00ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5A6 0
0 106ms
106ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxiW1himAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTcAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISRSIHkFPgxYAOFn73H9Cdaeu4E5xMUf0jpC-YuCK9GlPOWlvnMr-ABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzQxMDQ5MTUzMTQyMzU1MxgA&sigh=0YTVEUNd76w&uach_m=[UACH]&cid=CAQSOwDq26N9g0uyrAwFBi538flN4QpyE3L0VtI5nQjYDaN42RDfnNFtImk36biMw4fZv4iTc7FJCUxJPRqRGAEgEw

Requested by

Host: www.t.ks.ua
URL: http://www.t.ks.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:33:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C5A6 0
0 191ms
67ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kes81ppr5s2swyt7ayw8jg8zzp6epkakj4gj6f5kz3ezze19d8s9ndapd2fyb760bn0httwy7hkchcv9yynrpr2rk6jqwte9fab3rvxr74ratvfr8decvzytff31174266sbeapp3s1cn4fkdjkj60gm22041dcw28mgx6yfwhr9y8ce35zmgd2wqc1rrs0cw8tgr22901a9rq1xn30dws2h3avmdpsxz1xjet6cm9vxf7vyrn92hb4e2f0fez35gdj20epr8582qcbshv2cw442q2h6pbe4zk5gzbn9r20qhhqvdfgyjywd1w8gt5qsy9kzx32bxew44yetxszvj91t5g2xwmv32yz4n5ck32nvv1a3c3r6cc3xjh8m58yd2ce6bjex3hz97r&b=Y4AphgAIkxgIu9DoAAzpTs1Q6Tz5swwB4A2RNQ
Requested by: Host: www.t.ks.ua
URL: http://www.t.ks.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Nov 2022 02:33:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 84FB 2 KB
3 KB 167ms
68ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98759ad30d7f205be91add246472e70aecb42ea62b780a1b454456b04b1d2a0c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76f6fb2b5bfc8862-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C5A6 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF16 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Fri, 25 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C5A6 18 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5A6 0
0 65ms
64ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9YDdDsw1I0vwKxc8NjUsorhQ0BDs5LaxgcUOBeUZ9Ii8LfeU-B0bdQkFdbhRSr4lgU3Qn2zaEnt1DeLN4CRsygnSR8g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5A6 154 KB
47 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D46
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
66ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
expires: Fri, 25 Nov 2022 02:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C5A6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed0f760256b05d66f223c7ff284fea699067c5cbe24c8db9f86548ed21467c70

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 3350 9 KB
4 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:47 GMT

GET
H3 200 a6a6039cae421ff9ee735c181ecbeebd.js Show response
www.gstatic.com/mysidia/ Frame 3350 149 KB
55 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6a6039cae421ff9ee735c181ecbeebd.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6b180af414c4f7bf95d91b1fcf5efce2211aca54db4a9469e8ef003dfe378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56666
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 09:38:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3350 6 KB
919 B 67ms
67ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 02:33:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3350 2 KB
774 B 62ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3350 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3350 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3350 18 KB
7 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3350 154 KB
47 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:42 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 3350 34 KB
14 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame EF16 35 B
465 B 188ms
60ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGhfdGoiUWsvjyahc_7nE2o&google_cver=1&google_push=ASkJ3FZ5kDDTS8IWlz1RuQTP6iczDwIqA5bV_VpM_k7X-AmV4X15tAMWWfw71x_ucuVIAvGVsgZ1-b5lJc0tsIOKDcvLMADCB_Bq

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EF16 43 B
351 B 205ms
66ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGIDF8DtXhlPjEPze1ySKcg&google_cver=1&google_push=ASkJ3FbjVZ1GBfFodu4gMWy5bANFhQQ4k50IUKFQlUz2tcRsR8k8tvM0aM7e0YYdS4DgeU4fC0a3HCH-eQn26P93_ud7u14L0Uip
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gfu4obkdr69dgskn5q7remvsl617v9ll

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF16
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeyEhbooSOi4fyqp5q__nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

192ms
77ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeyEhbooSOi4fyqp5q__nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaYG0uvWp_PeL4NL24Lmw1TpkbS4erR47nQgSNANz8QfVaIxNtu1-je1JUav-iQWRZrU6Pixt4J7KPpw6uRUsMNHiwhMx8A

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeyEhbooSOi4fyqp5q__nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaYG0uvWp_PeL4NL24Lmw1TpkbS4erR47nQgSNANz8QfVaIxNtu1-je1JUav-iQWRZrU6Pixt4J7KPpw6uRUsMNHiwhMx8A
date: Fri, 25 Nov 2022 02:33:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF16
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC9Jy4quZlTyk5uQgTy95gY&google_cver=1&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFWVzNCQUUtMU0tM1NDOA==&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqbh7SSZXNYiLABRa4-9rc6NkJev

170 B
188 B

184ms
75ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFWVzNCQUUtMU0tM1NDOA==&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqbh7SSZXNYiLABRa4-9rc6NkJev

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFWVzNCQUUtMU0tM1NDOA==&google_push=ASkJ3FYbPiNofjaRPjWfwJFQYuY81Ev26JGtJiRNu5jIayue2A3-VPK4GVrdp973Cp-Pk_MYUqbh7SSZXNYiLABRa4-9rc6NkJev
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF16
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_hm=Y4Aph5hS_t0y02c1vEgUFAAAArgAAAIB&google_nid=index&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoL...

170 B
188 B

134ms
70ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_hm=Y4Aph5hS_t0y02c1vEgUFAAAArgAAAIB&google_nid=index&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoLVu6U1YgBYwcWa1XS3fK5thwawe4Xy23XqlBdm5T53cB-H68WooyUDQoijCmP24q

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3KC2nv0roTf%2FX6G9SZl16I3ObVqAfTpIulDCLg6DVRk96XuHQ6p2E0KrXLA6n9Ndzp9uowjAO1spQYs5d34K4mqyvtb%2BurfPqfWaZToYHoGexUSGltKJ1o1dncnGbUZuYrScdPFw4w0WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHoXP5qZZMYTTD9WDPrteWc&google_hm=Y4Aph5hS_t0y02c1vEgUFAAAArgAAAIB&google_nid=index&google_push=ASkJ3Fa9v0G_nw1LVJHaNqGkqOHr2DV6-PBoLVu6U1YgBYwcWa1XS3fK5thwawe4Xy23XqlBdm5T53cB-H68WooyUDQoijCmP24q
cache-control: no-cache
cf-ray: 76f6fb2cca8d7314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame EF16 43 B
297 B 300ms
45ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEM2zJhRdSnhUHbmASm-zZG8&google_cver=1&google_push=ASkJ3FYtYhfwgCFu9u1CK-_VQsi3jUt9IOHgb451we-uKFV54hWjZxR8pk3MToWGAMAtEu0IPLvYPVKyN_ECnInlLU4emfUAMwc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&adk=851093080&adf=1428193842&pi=t.aa~a.971437895~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669342505&rafmt=1&to=qs&pwprc=1338859862&format=1200x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1669343622507&bpp=1&bdt=2013&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4269a3842eb1154a-22c18f358cd700e5%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA&gpic=UID%3D00000b86bdd95655%3AT%3D1669343621%3ART%3D1669343621%3AS%3DALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw&prev_fmts=0x0%2C350x280%2C380x1307&nras=2&correlator=8717273140795&frm=20&pv=1&ga_vid=223956522.1669343622&ga_sid=1669343622&ga_hid=407262673&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2395&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31060047&oid=2&psts=AMjMPc3n4ibKVm453_fTOtthMg0OTG45MOok9A74_XvVk37XDk1YsTOOg2ank_F-Z0Lo-gA9J8WZXBBuzdy9&pvsid=629346423014650&tmod=2111684469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=yotDFg9CGp&p=http%3A//www.t.ks.ua&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame EF16 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EF16 0
223 B 200ms
64ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJL8wE2XT3-hbvpd5jvSf07FFrG_sHFOVU4Q279DkmIKFGysGaW7Q7Q054BN3PvoIjvVunJg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 iframe.html Show response
p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 4F12 4 KB
2 KB 171ms
62ms Document
text/html 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

f2f8aca9d72c042dddd87a76654c2aac050b6bd3bc4c05b4e88e64c064c3e71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1859
content-security-policy-report-only: script-src 'nonce-AtammNzds3njK5Tf8Kih-w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 84FB 89 KB
12 KB 103ms
57ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 106523
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVsvbecbMKK6KwIbfV%2F%2FjaTWsQ10mOovQ3BGhtifUYOU%2Bx0W3vadPik%2FkJDbrHXJnoCWdZBs5s7qyiDD27OL4191U%2F%2BqeFghNNcffbfy48tCrGHzPDfDfXlsv%2FTtPsNM1kZxrJwE%2BPc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 76f6fb2c1f03dd33-LHR
expires: Fri, 25 Nov 2022 03:33:43 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 84FB 35 KB
12 KB 63ms
53ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 245727
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlkeQg29XwhoL53mfRZl3QjH9hJaZPlpZ5ceJ9c8kj%2BZae7fN3eWeWvOMB71y%2Fc64b60DXQoUSY0D9usY%2FaoRKUSQEVEirBeookZ0efDHxiusRCrJabZUJFOa1KA%2FPJjbr2HqlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76f6fb2bdc848862-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3350 0
318 B 178ms
62ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lavw3b7j&c=7356838839193&slotId=3678419419596.5&qqid=CMiCysylyPsCFW6d_QcdQE4Dvg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a6a6039cae421ff9ee735c181ecbeebd.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/k6aW0Tr8wyk/ Frame 3350 12 KB
12 KB 199ms
57ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/k6aW0Tr8wyk/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a252ac939552c8767b7020e62a937a1ced297aab6981a42b0409f5b6d50a100a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 01:04:31 GMT
x-content-type-options: nosniff
age: 5352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12161
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Nov 2022 03:04:31 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-4g5ednsd.googlevideo.com/ Frame 3350 2 MB
2 MB 197ms
56ms Media
video/mp4 2a00:1450:4001:6e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5ednsd.googlevideo.com/videoplayback?expire=1669372422&ei=himAY8G1ENWA8gOY14fgBA&ip=2a01:4a0:2c::6&id=93a696d13afcc329&itag=18&source=youtube&requiressl=yes&mh=Te&mm=31&mn=sn-4g5ednsd&ms=au&mv=m&mvi=1&pl=43&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=34.969&lmt=1666612758175977&mt=1669343379&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgAZNTf9_Jz2b3vuMi93fybVZJWa9RonxN0F4bYPmNla0CIH2UsyX59Ctb95bRbh2E7OfjJRbl95PYFZR8KATqpVdx&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgbuBZLdXqK56Ur26TucnQpHpkgSidr0hfLfYaBXzNqckCIGpnYHMnl-K9zIKW_nbCEVKwiKlwi39yBDNl9MMB5roR&cpn=SFzjECv7txesswoh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6e::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

28bd195989985aa6679e96d9bb0f1bfcdeaa6c75ff748536a4d8600180cda39f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 25 Nov 2022 02:33:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Oct 2022 11:59:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2026756/2026757
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2026757
Expires: Fri, 25 Nov 2022 02:33:43 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 84FB 3 KB
4 KB 155ms
54ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 601
x-guploader-uploadid: ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5xkA4EOAF52Cx%2FI4ljvfskLdlKXxIefSeaWUqTuoC8lBec14qHr7sYVjEF8DH356crFAbW5thbUjRupBES1QYoPH8MenNhltwUaQcIbBR%2BfgzuKmsRzF7X%2FonV51La1JDwtLmXsFroG3xPgoKmpLss8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76f6fb2d7d6d7777-LHR
expires: Fri, 25 Nov 2022 03:08:55 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame D592 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 18:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 18:46:54 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1601 2 KB
1 KB 57ms
57ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2062360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76f6fb2cefd4dd33-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 25 Nov 2022 02:33:43 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYkOm1av9xzSgiPRChx6mQW221Agymba2wR1Q%2B19eqMnzdDA6VqbwcJcViIZLsRwOhM8l452kngkRGG3Vo7PFOUgxhdlghghAu%2BCT8lsnwtRgxYAXholxaur2zn7UL6FgrvRykQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 84FB 1 KB
2 KB 69ms
68ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a8776f136dd352da6e672bd49d3ae4a6b6ccf13c586d3b91a960fc2d263112

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viMMrB4fvG92oxywrZwTzRLSwwJq2SlgoO%2Bwj%2BENtfcXDsYS%2BmVonDxx3zHp5W8CMY297bHPLFSZgPvFEBFGoFazi98MuVcbfInmP3ULvoq1bx%2Fm34w8iJp0f%2F5cfBzAii5RkfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76f6fb2e6a71dc77-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 124ms
67ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f6fb2dfa26dc77-LHR
content-length: 24
content-type: text/plain
date: Fri, 25 Nov 2022 02:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM6V56Lbb4beKRJK1CXIjmxBA%2B3xcjpEs9VANeMgPIVbUF61tHD79tK7E0y7ZSSUkG0reF7RN3IswBujOWT%2FyzOlCqy0ApmzEZ441ogQ8vOr7XRYsqF96qHlAvBRZpD7jns3xwc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 204ms
88ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12594d12582bb55b02b9a99e7578250b711a87701eec3d101ada2a8d282a663b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11111
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 25EB 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 18:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 18:46:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4941 42 B
64 B 209ms
103ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi9UFkdUSfCWfxq36WrQ4k4olvBEcvK-NjEVSSvci1DUqOJMU3-5VmQM0LPXLciSuc2ZKAd6r4Jfh4q1epmL_qb4jV&sig=Cg0ArKJSzJqiKfzhg-OIEAE&id=lidar2&mcvt=1006&p=0,0,1307,380&mtos=0,0,0,1006,1006&tos=0,0,0,1006,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.46&if=1&vu=1&app=0&itpl=22&adk=1904281039&rs=2&la=1&cr=1&vs=4&r=v&rst=1669343621553&rpt=820&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6FFA 11 KB
5 KB 81ms
81ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f67f7536b06fae8d29f1acca37123a45e4a18d197f800aa3dae00b19a40ca4c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j6fp7zj56v65dk8c7qaejrtg2h1avtnedaz4vx19wqvcz2596v507639vtb9p7pt5751jv08g43w4vpjrq4mcyp73fzgrzgpp3jaeytg3fggazq3tze1yp0dx689nvrxkpwprh98qt02p0gzx9h9spm8103bq51m0pgkdtv0kjkz285yaafnd4cjfmqzftmt3e2cv0t3qhwde0amd6c24xrqg3145ecpz57a4wgs4jnt1srm0n693kejttthmy400bmvv6h14jg3d9snk041zaxsp4f1nfm6qyk6cdtrtkngfb37y2zg7gxyc5abwncdpgdqp1hppz8hwwawksvtfkhwnjbd139dvy09d9ngamh2jz5bgzv87r78k79fjv0efhkqghvb94k7xfa7bfd72q9fcs06zgxn3wzq8969c2cvv9p1zm51q1ctm3e9kqrmc2g92n2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%26client%3Dca-pub-3410491531423553%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76f6fb2ef9cddd33-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:43 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD75 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswPC8Ty_YzkfMr03Bkw4FpIHmhteJLjeBmZZSuImOoNKbHGKTUSAXoN-CSzfBK7Anpk2Le6fG8r088YYSTwnNY_S9t-IlkIxp9NgQ2vjdVeQNDYMrFWpAgdZdvzGdPar1XIKftrQ&sai=AMfl-YQKODuO4r05rIpfWK0YggSuhYMgC4snIDEDoLB4mWsFsBO2BXyppz9ucsJlBaRFKjgyUzRFnXXTky4xqQE&sig=Cg0ArKJSzIGEFsUsTjtKEAE&cid=CAQSGwDq26N9hkpqD7Y-CGR76tuVOf7wh_f7wlIk7RgBIBM&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=849037746&rs=2&la=0&cr=0&vs=4&r=v&rst=1669343622132&rpt=347&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 6FFA 89 KB
11 KB 56ms
55ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 106523
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRcvQz6qSlPJ%2B5ul8iANL%2F3p6Ym%2BbugiLsZmfU8TCl71d9aJDEfhFdcaTDA3l832QGwilCPv%2FCFCl36nlVbaLqReTnF%2BifYrt%2Bm50NhqY7DPaMm2HnQqQGGyof2jBU3%2BZ3zLwCO7Xo4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 76f6fb2f8a74dd33-LHR
expires: Fri, 25 Nov 2022 03:33:43 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 6FFA 8 KB
9 KB 106ms
96ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25006
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF%2Fb76P6T83kZQnO1W6FbXSOcp%2FVq1CWjya%2FSNyt7LGE3TS2ecoBhSskqjGlubworGPZHJGVDlbdoGGYapzNA8LNKUHQAuBwdbzLFs5fW22bH2EGaW223UZLn3gdJaDlkHXRq3SI5bgzD%2Btl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f8d8862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H2 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 6FFA 43 KB
44 KB 104ms
96ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19983
cf-polished: qual=85, origFmt=jpeg, origSize=72345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2G1%2FOYfFi%2BFfhWWw%2F1EnZ9Sv0YgkUSlEOibqHLEIC%2Fgn6jwqwM6n65Hd2fRV9KpyQe7fzXUNjP2iraPqydp82dtH8Aajx0XVQ8sZP4PjhFqSmb2eedmwDVpHrfdmCt7v6ag4eqm1DrMTQZL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f8e8862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 6FFA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPvFzs2lyPsCFVzbEQgdtKUJWw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669343624_94b020d0-6c69-11ed-9d10-2262c713b6c4

0
517 B

198ms
62ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669343624_94b020d0-6c69-11ed-9d10-2262c713b6c4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:33:43 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 25 Nov 2022 02:33:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669343624_94b020d0-6c69-11ed-9d10-2262c713b6c4
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 6FFA 5 KB
5 KB 103ms
96ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2537198
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fndNzHpMqvuAKr5Ng9wHbkE92Bd1OFMutai0RYbCvicev3gduekTkSAfyVLIdYATb17u%2BxucUEuras%2BbdMbI2ofm%2BNMu3UCTInOMrURtffW3p%2FpUcnBWQhNZHIYv82lxT6TTlaJ8G%2FSjaKi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f8f8862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H2 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 6FFA 418 KB
419 KB 103ms
95ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2527269
cf-polished: origFmt=png, origSize=725824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428526
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Mar 2022 16:06:29 GMT
server: cloudflare
etag: "4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCr75rrNxPcSzvexfzWS4PIkGZCDKBPte59dac%2BrZGGtZvwDFvddXHTcJD1qrIU7cXQ4JT50%2FcjShBuNT4UMDkYIAETcpppQ5KLtrjoDHbPIzIBcTqu0kryeCclrDgdbxKyp4vLV7urH9cv1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f908862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H2 200 C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
assets.ad4m.at/logo/ Frame 6FFA 13 KB
13 KB 58ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467967
cf-polished: qual=85, origFmt=jpeg, origSize=38332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12866
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:12:43 GMT
server: cloudflare
etag: "24026408b8f2c4498a233cbbb8507821"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNIEFsru7Wtog%2BzESsKcFWqtMEA%2B7nqwGb7vkVvjSmghCIWOMX59CePX50sB0THHwaEdcOs%2BgqGkDU5MbibOKgyaJCEPkgt0dZ%2FxceMqnL1%2FxmWLsTdKfKcQKfL2fOizpeu4djcJN8Em2yi2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f8a8862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H2 200 3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
assets.ad4m.at/product_image/ Frame 6FFA 70 KB
71 KB 63ms
57ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 677764
cf-polished: origFmt=png, origSize=123808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71926
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 17:02:56 GMT
server: cloudflare
etag: "541023891e1b079af000e6373725dbc7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPBX68zHFbzOLqf6eJgy6evNCGkJCu42vr%2BfnZ6EXHYulMqkNYSspscxTrvrr3wZSIedNkBFbHYyL%2F7x3bbf%2FktEnLweoh8mLjcEh%2B086VjMRMZ2MOxmS2pOJ0ENa7J06fh9cKNvpSURF8K1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76f6fb2f9f8c8862-LHR
expires: Sat, 26 Nov 2022 02:33:43 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6FFA 43 B
704 B 222ms
104ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2941308&v=13686&q=411418&r=412871&pv=1&pref3=oneidYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6qoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:33:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:33:43 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6FFA 2 KB
2 KB 200ms
86ms Script
text/html 13.41.118.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ghrk1840x352t00bmayzt2dnxsz160batff77f451garbk5xgtdccr540s2bmmxsd7z5rbv8rthj4vd4aaa9qcke7rcgk7nmkmkhjtpb2qwz8j3vzrqkcn2b5ddz1mx085n4jxmz3x144m9rcqa878h02bb4138j4tbwq5z849j49vs87mfbwby01phtd2esygaj95q20f3hztbrmzrpcdt112ys46njzx5jjtes6mf2se41j0wp5b8wxvqp8vfhr50%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%252526client%25253Dca-pub-3410491531423553%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-118-175.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 406518b5eb20319ae652e51d6322c62026797239728cbc48015a0ea9348a0ce4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
last-modified: Fri, 25 Nov 2022 02:33:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 25 Nov 2022 02:34:43 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 2A9E 44 B
1 KB 203ms
68ms Document
image/gif 94.130.160.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.160.12 Karlsruhe, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.160.130.94.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Fri, 25 Nov 2022 02:33:43 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAF5 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 18029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 21:33:14 GMT
expires: Fri, 24 Nov 2023 21:33:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A7F 783 B
535 B 69ms
69ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84c0572f2b19e09f18e5059a3bfb2b482e7cf8d43c1c9c30be44816adda82531

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0s9OWg1o3ytoR30kD02CyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.t.ks.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0s9OWg1o3ytoR30kD02CyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:33:43 GMT
expires: Fri, 25 Nov 2022 02:33:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame FAF5 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 18:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 18:46:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A7F 0
0 88ms
87ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=629346423014650&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6FFA 85 KB
31 KB 232ms
70ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ghrk1840x352t00bmayzt2dnxsz160batff77f451garbk5xgtdccr540s2bmmxsd7z5rbv8rthj4vd4aaa9qcke7rcgk7nmkmkhjtpb2qwz8j3vzrqkcn2b5ddz1mx085n4jxmz3x144m9rcqa878h02bb4138j4tbwq5z849j49vs87mfbwby01phtd2esygaj95q20f3hztbrmzrpcdt112ys46njzx5jjtes6mf2se41j0wp5b8wxvqp8vfhr50%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%252526client%25253Dca-pub-3410491531423553%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 06:06:17 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73648
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yAKnQTUnOoRs6vjzUZ4wpYcX13owXT18F-Sjo9dJN14m5xk1MaJggg==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 6FFA 55 KB
56 KB 193ms
61ms Image
image/jpeg 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1669343923&Signature=n11VNqSb2wR4zIAu5vfWZ9CE5DBWHNTXrqJRCt-Rab5J~cXTVvpbwJRCGgrKwt64VcEgh6yR49YB-vW2r4WlVGQqA2QHdE4dxn9YYVNZ6Tzlc9h1vI~txmdCXkK5H9VX-uDZzY3QroeYkUXel2QH9V19gV9~OwFGk2M9E7Fu~EBMoQlZJw-3KOeSc5jlUlkKBGi2VQf~IafAYZMWjjvUDjkz8G7PyNhmSbTIOP3w8r9i-AHgupC4aG9ho4AR1Is04HdFojDfTj5MU6~CQ5UDg0o6girRryIF-eh9DnjqLSDiA95sQquNrc-QQskDVTf6tWLJeHUAgaZGvIE6KWzBEw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C182475%2C321054&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=728&d=90&e=&g=4d16d87b0f5b2535910e9a48a9b4d30b%2F4923821322870926591&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669343623443&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbjk6k38341af2st0hmgss1h3wp9sczwscf3q66r17vepnv9n89pyrhxavfhs8cx79sqq2t1bdtq9xrc6bhs0v1s1c5mw3r3fjcfb62phzvbg9ey6fmhkp0yx8jtypjcvrtftmvb5d4gza0qdsy7fqb6zeagqats6y6chfaxd5cw7nwk3r3v78rk99b8n2tg2mw6gmdb9h9thrry6wp9zt79ez3m67tkttfnd653mcjmx0w27f9w9c1a1jrpabf7gveabbt17qb97cy5z6sqj8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCt26ahimAY5imIuih7_UPztKz0AWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTM0MTA0OTE1MzE0MjM1NTPIAQmpApoqfGv3dbE-qAMBqgTfAU_Qvuy0m254_lT3XcT8ZuWH0LKwfcy6uu7oqF5O9wWvxi-_ol5BdqTXl88CrQeVKJ25hZOcjYu8gm4ROjTgsPJqZrAEAN8lqHb0QNPCYhq0XcRJ1CbfFozi0eppWqUEvQNXIK59s___mOO9Ex3rilu3IaM_n7y5yFvw9uRTkFHu-h_z3EvPXht1JYLcuFcHDkki2K9l_IhTjpmlhv9G-jHpIc6CmfE2CTpN9AVec2wfoS4yJIISByAmAoQZQsDGkTZhxZkPm9KsGTFGf-X-JO3RKtopBH_Wj4d4cnfxGSOABseRuKGYvsbfbKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2yD8buq8u0PrNlzTEIoQ8twrVKIA%2526client%253Dca-pub-3410491531423553%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 25 Nov 2022 01:22:46 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 4275
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: NtRIBp-yLNiDXw6fStDWBeZKWj-WFIt4pgASnqW9TfuGeq5XC9jt5g==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FAF5 0
12 B 57ms
57ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IE6beQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:33:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7178 42 B
64 B 94ms
93ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR-QxmAokfW65TMI58kFnEpyNfDcrpCinvKX0_CRKHWOz-MhGALbRfAy-VzIIwUQIFhjWnC_L4DqIj0_zV9ivN7oJK3shVRa746LtiExu-DGYPvtlOSBfMOWZfr_xzoArkRcE6lQ&sai=AMfl-YRURzMFZ0VKSCsyp3Ci835w8PTiYkOlQ4JmXEDr-cw3DOxhD-iNQZXvK2tQ_fQ7_oCdpBjyqF88b7EK5js&sig=Cg0ArKJSzA5YN_WX5vtMEAE&cid=CAQSGwDq26N9gLBjyA2XExUZQi06n9I58oywteDhOBgBIBM&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=92,733,1002,1101,1207&tos=92,641,269,99,106&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669343622602&rpt=177&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
89ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=629346423014650&bg=!qKulq-_NAAbvMpMzzzI7ACkAdvg8WkwRWXXXmwasG3alAj3ZspB2rw6O3JX2LWkJp4kkp5uHx_FqkQIAAABdUgAAAAJoAQeZAqCvFW4lTexgpNDUEOLNwToxOOZLd8qA-qXWaTZpMAcqvJtQfSDfViJMXmUOXIktkqbggQwYl01Dqwy8A343zjg6wn-iovG3sHsl-hDZCpCof1tF241j7G_16qN2jMf_WKcGxanLXZL5YA2qwtNwHDDQ38MoCvEfizawbX6N3ePjjtZXzy7BbCY12tiFhmImmREurjLDBuLOAkxmDnxWuGoT4n2z4HqSbbg6DPcFu02UNKfkFYNohsx4o7chhjgxZi-dsSBGVAI8ih7NAx0tTF3XymLXtzAoXmxG0SRteDiT4gI_kvNPQvJLm8WqkPgjMbEADqYaimWmfBOuViAab1JEdqXU8BayWLZ_NOobPQzDw5Ony_EgLSuGuPuAkEUjDlb15ae_FeEjzQQ9SHr4Ia2DMiPodDiO_ZHp6ACQ0pHzSBgEUKzrYsKAEr6q7VIcz8Vnp4_7rm2H1jCRwXSKlxXgzTUlh6qSHVtb4FQPbgDLw90Ui78tTiUm0cPfk2xaeMFyC8MtVhE1Vx9g9D-KaaNPYtjxCu_vX5W5aJY-SVXp3_wpsB1l2vhi_4SmUPnNgYq28RappehtQ3ji-7MP20sPD-0kbthK80yVeH0LgDx8c-1WJvBcj6k07ZCM2Deq6sGo088wUeJfnPda4cttfg8uKvUSiZwa7kAyfsu5jcio18p9arQ9RstiCb9bNew1CAag7jlc1xsdnMMqlFXFD6BiSkD48iJQlDe8b-ZGCqzSCPeMZJo4eJ6zaX0pXkyu833nGDX16Hv7uWKanMLe6r5BNUBnt_3b3HcSjK2BQGaNFS0TkhJZ8Sdy8sIt88lZPi7fbbHIQ1HU8SrsIC7OJjCmQrz0RnoWkcyWZD-N3gwb7SyS1CMT-EKI4nbBdezt1ZI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.t.ks.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 3350 0
17 B 180ms
64ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lavw3b7r&c=7356838839193&slotId=3678419419596.5&qqid=CMiCysylyPsCFW6d_QcdQE4Dvg&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a6a6039cae421ff9ee735c181ecbeebd.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:33:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6FFA 16 B
232 B 89ms
88ms Fetch
application/json 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Nov 2022 02:33:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 145ms
45ms Preflight 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 25 Nov 2022 02:33:44 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECkghSGMLRebNLrwpVpsMiM&google_cver=1&google_push=ASkJ3FZSw2Y6a18RNnigOAxgsWG4Nkm398iSyzR66r8503u1QpXpbJaHP-iM3YQ8gbXopKzYbqNt5BSUzKDI093Ot_lhP8pEA3o6Bg

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.t.ks.ua/	1969-12-31 23:59:59	Name: b Value: b
www.t.ks.ua/	1969-12-31 23:59:59	Name: has_js Value: 1
.t.ks.ua/	1970-01-20 17:18:23	Name: _ga Value: GA1.3.223956522.1669343622
.t.ks.ua/	1970-01-20 07:43:50	Name: _gid Value: GA1.3.689049503.1669343622
.t.ks.ua/	1970-01-20 07:42:23	Name: _gat Value: 1
.t.ks.ua/	1970-01-20 17:03:59	Name: __gads Value: ID=4269a3842eb1154a-22c18f358cd700e5:T=1669343621:RT=1669343621:S=ALNI_MagqbyCqMNn7qONl_1lHRCYNwW7XA
.t.ks.ua/	1970-01-20 17:03:59	Name: __gpi Value: UID=00000b86bdd95655:T=1669343621:RT=1669343621:S=ALNI_Ma-3hXDrOcm5xRdLmXHqCsldla3Qw
.yadro.ru/	1970-01-20 16:27:39	Name: FTID Value: 1ZW2c50G2teS1ZW2c5003Kh2
.yadro.ru/	1970-01-20 16:27:39	Name: VID Value: 1sbnYa1HKBOS1ZW2c5003Khe
.doubleclick.net/	1970-01-20 17:03:59	Name: IDE Value: AHWqTUmCs6DG3Un9lMvZnXfk89PPCIJFoERgtTtv_4ogI0k_E6pd6iaQvNBijXVw-jg
.doubleclick.net/	1970-01-20 07:42:24	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 07:42:27	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 16:27:59	Name: CMID Value: Y4Aph5hS-t0y02c1vEgUFAAA
.casalemedia.com/	1970-01-20 09:51:59	Name: CMPS Value: 696
.casalemedia.com/	1970-01-20 09:51:59	Name: CMPRO Value: 696
.pubmatic.com/	1970-01-20 07:43:50	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 09:51:59	Name: d Value: EGsBCQHUJ4EA
.quantserve.com/	1970-01-20 17:12:38	Name: mc Value: 63802987-149b6-add18-dbe09
.pubmatic.com/	1970-01-20 09:51:59	Name: KADUSERCOOKIE Value: 11EC8485-BA28-48E8-B87F-2AA9E6AFFF9F
.casalemedia.com/	1970-01-20 09:51:59	Name: CMTS Value: 4466
.innovid.com/	1970-01-20 09:51:59	Name: uuid Value: 0046f118-7585-41ac-b78e-ecd5215f45a3-20221124 21:33:43
.awin1.com/	1970-01-20 07:43:50	Name: awpv13686 Value: 412871\|1669343623\|9486edf0-6c69-11ed-89a3-223851067267
.simptrack.com/	1970-01-20 09:51:59	Name: ntm_tps__4011 Value: ..NNNLtVfQecVzgG65mMqKpgKjJkfFmeNETqjULRVzZ9bfKjqbOWLvJFtMTN5NHk8AlgoNLYC4SmWNjyGN-w5nse07AR6pz0MzD0b8C33W8UTsql3ziqxwjFtRRcKkPQNL9fFtLkQVZhQVUtJ0Sj_hZCP8NB599JrDV47ZrJcaIfwgS1T7W-xG--4fSPReotYtPgWJDtleogLn-PmA_Aj_mAilbnCoYKJ6gdlY995H3rECmo51aylQAqaQyFrInSXrY1aZkq6Ue8P47irqEa30gZif18994Sqzq9y3pmasrg5zDzug-gdFONO0Lm72FW3n3urZkXKDrOSOM2O1g1hTlv0Yw0hcAc7anvuykTUFces99syhxcH9S74dPQvk5gqTNARNzxOiMFnuEclNhSkZ7p3Y10A_YKTol88sibm9IilpHn7bdx2Pr2sdKEYnfBWDC7DnEkpPTKPJRcqg2oCZT_4WKDiyh4_SPOZw_HDG2ZNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:51:59	Name: v0rur7gqspb3_uid Value: 6bafdaf1a11368bb
.awin1.com/	1970-01-20 07:52:28	Name: awpv11938 Value: 412871\|1669343624\|94b020d0-6c69-11ed-9d10-2262c713b6c4
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 07:52:32	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1669343624_94b020d0-6c69-11ed-9d10-2262c713b6c4%22%2C%22sp%22%3A%22awin%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.t.ks.ua/(Line 2058) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.bigmir.net/?o1&v16918485&s16916894&t0&c1&n683981&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.t.ks.ua/(Line 2058) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.bigmir.net/?o1&v16918485&s16916894&t0&c1&n683981&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECkghSGMLRebNLrwpVpsMiM&google_cver=1&google_push=ASkJ3FZSw2Y6a18RNnigOAxgsWG4Nkm398iSyzR66r8503u1QpXpbJaHP-iM3YQ8gbXopKzYbqNt5BSUzKDI093Ot_lhP8pEA3o6Bg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.bigmir.net
cat.nl.eu.criteo.com
cdn.track.production.webgains.team
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
cse.google.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
i1.ytimg.com
image6.pubmatic.com
p4-cno3lw4ney4xm-z3an22jdwjpfhepk-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rr1---sn-4g5ednsd.googlevideo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
t.ks.ua
tm.simptrack.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.t.ks.ua
googlecm.hit.gemius.pl
104.111.239.217
104.18.33.19
13.41.118.175
142.250.185.230
142.250.186.66
178.250.2.148
18.170.123.253
18.66.147.120
193.239.68.97
193.239.71.100
198.47.127.19
2001:4860:4802:32::3
2001:4860:4802:36::178
216.58.212.131
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:6e::6
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:2638:1::2
2a02:2638::c
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
35.186.253.211
69.173.144.138
87.118.116.9
88.198.13.114
88.212.201.198
88.212.202.52
94.130.160.12
99.86.4.94
00253d12eb17d0981a715829e3e964da2558163faf0cff1af61ef09c77bf8e3a
07e7914cf2ee5ea4186da1747da6838796eef3b14d6982406bb6ace5ea86d37a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb8512ba4f6cb86b43afdc75dcb5be3bbe829c7eee14a23143754c890f069b
0dc7e48f116bb627976cc0d34cc46eebfc26fde013aea8360239cebaa5ab278d
12594d12582bb55b02b9a99e7578250b711a87701eec3d101ada2a8d282a663b
15e1997fb68901ba622544565a8882859e0b5670a4cf689bbff7d29dea2cccf8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18233c5aa4dd4d91650aa3a31fe1ea53d77ae6fa6affb879675f2cfc8729ef02
1868049c86b74df4a0068fc3b509c93dd88c501ea362c21d32eeb590c7dc1a1c
18e2cc14164a8d4d30c7ef8867c6383a19bbe1c70f8f1cbcd7bd4ac091a8dcd3
1d2572ac30e71516debd607825bdf91a2f02e482692613a6bbb6ce81089a5633
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
25023e1a95968db342af417b8bfabdb3c0cc6dfbbd2d45dd1d742671b24fd113
2561a7819cf43b74144d7c45e48ca4c9b0a450d9fd862c262049e8b62848ff4a
28bd195989985aa6679e96d9bb0f1bfcdeaa6c75ff748536a4d8600180cda39f
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
39c3199eff9b1020fae0557cddd4351daae3625dee31e20057faf9c9b4ba7cdc
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
406518b5eb20319ae652e51d6322c62026797239728cbc48015a0ea9348a0ce4
410c2508afb1dbf9d2f2c342e2f7249c24bbc455645939162a17ae1224e47a3c
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
43ed4248a4fb3b2b3969c043d4be1aa77903eb9fc0b0ee28ad612b03514af8b2
4496a05457fdfdcc6937d4015c25d674c275cb18006c24ba91ec66225f0baf00
469171b75ac4d836541714abeec16f190e8e00d8929d74153cedaec1eb49dfc4
46fd6c4e6eaf4d084c565ba43ec3525913690d5e99f8fbfb8b0248d559ff989f
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a50ba58cac062cb4f8954e31c0918c2f9e139160cede59120f4af08495e55b5
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b309ae6bbbb879100d05ef9a1ee210c17bf6d657ee5d43c51d4e74ebad3f781
4ce8b8ca1149aa43c314ad2e5540442f1505f719a689a39070c70bc3bfc50075
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a64d1c5c0398127f7bb242763533650de54fe648fa7d2b2ebba01a37382bc
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
5184bb70fac12bf60208ea96ec7b4959417b2179d7194dddd3d30dd020d45854
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569508fadda24b4b0742cfb74ca39505b9fd421a4dea4ff2d1ff89c11c725917
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
58d53665a9b0832229b53057b3e5817ef47084c697ef885b89cda4352d3b4adb
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d985fb91961b3e7b04bb79c6d016bbcecc137968d82580ae4cf90df7faf2278
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61be0314c7b04e8e810a0e6e4e0fc63487b3a5455b75b1ebeef6d84a3b64432b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6336ae55f705a74f404c11504163e64dac974f6b722ca38a03dee56e2b6f00ba
68c4a1f7b18f258d08a290c774ec8b32558bd3d8716594fd8f3bcc44a4825d70
696a78169197b31f64edb45beaf947deee34606c3d425da93a08d3c4d7754589
69d25965501ec6ae33a97414b953001e70ac1e66e5716fd9ee7588681abb6a91
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6bc43b6c6655fcd86ceb8e9b8f8993678ecccac8e26d189721c9bbe9ecace9f8
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
713bdc80ea971bdc9f7248dac299dd53b5d9bc2972d0b323e5dbdee1edd48bf7
71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
790082e0d7a95987417ab26e229da916eb4e43693be4544a390eee1d23255666
7c2bfadd7aa869112d76d5ecf240d9bc18cd51225eb2e1dd0a98a9b01872eee1
7cfc0069c089bd3f50038c21d1ecd6698535e33c7837863677c28059da652c5a
84c0572f2b19e09f18e5059a3bfb2b482e7cf8d43c1c9c30be44816adda82531
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8673335281601f796e472bc2cd310a9e174db0608079f56e959f3ad49ac0c237
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f67f7536b06fae8d29f1acca37123a45e4a18d197f800aa3dae00b19a40ca4c
8fab8a98dcb7a5f6e8e7e8d21739e2f4fa7c381ac062193ef5e9e8e19d0c347f
92f8ce85449681fac03962b2e3dfec8e91f25310f0329975b915a92fc26fe4af
95d4ea5463057c045e171149c12b5a17be2303d7778837d2ea0823f3d2419ac8
960946a781edab37b15e1662e2c20f18160f8d14554a8bdf7a565a3124a9d3aa
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
97ab169d2db3ee9ebd5277036a98d60a62bd2be77da2d79920b5acde63da6b72
98759ad30d7f205be91add246472e70aecb42ea62b780a1b454456b04b1d2a0c
9901f3c8251b26e3872d486646e7e2cc61926023088f8a00f323ae2050e80505
99a1ae5957cbfaaa280beadb9092f5ca54fccc08c7e8c28593719b15d4e4652a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f3d3d83aaf2318852fe2f9ffae5d031444e48a76e9ef1998a64763e43772fb2
a0a8cbf423114b8e55bb3fc67b63cf6deaf486a9a1c664a0f76e53fc3d418189
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a252ac939552c8767b7020e62a937a1ced297aab6981a42b0409f5b6d50a100a
a31fdff5fbc7ff3724bbeab376295b45c7d2c3edceee9c1c742373cafc0da7c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70ad1cdc7e0a97c42939453cbd8040fa0f87263501035e3e9b19cc784173d74
a921ba0b6b1163adac8d09560dd148e884cc24e4222a2427c67b18a6e2811fe3
a93b022d478e603b61b9c334ed8d0141052bb8cee87eadaecc547d3498795ba7
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457
a9eae05f9b1cd72045348f904de28ce4b3f6272ba649047cd0a2d6b8c2fd051c
ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe6d9c79743607cf6c44a414e86776485315d2de751b73b2a78df16a90372e5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04e441eb6cc02531670a3b4c134c3129d8e6b67a5109e7a9244a0e99ebac2da
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6e0878c3c6fbe81a1f3e2e7daca0bdf258dc07cf0112e80e8933a9a481252f5
b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013
b9ef2130b6603729a93e6980ede5e9298041746b778448926f08cd4353887016
bf27ca0d93f4b2e9c8aaa0877fe3e49bf24833d07feb7652b354c8efd9e000dc
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c46aa82964d656dac795135a9a635df62a087fd4305b01a00c9a5c1361818686
c6a8776f136dd352da6e672bd49d3ae4a6b6ccf13c586d3b91a960fc2d263112
c6f6cc6c199a7d9eaa5715bae492f3c3eb4969e70e4bb03da44b151226a0c68b
c7991e3b3598403f179f354998a394b330ce84dca1622ebdb3c291e8306f9e76
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca89bbbe6fb8be3711ac0298e90d876e0022c17bc20a40f1f57f20f35da4ea24
cc6b180af414c4f7bf95d91b1fcf5efce2211aca54db4a9469e8ef003dfe378b
ce96c9fbe6e1af57617dbae46f1b78d9bbf12bd9112ef8e9f94eafeaf32a11e2
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d15d58ca40e8ec45c2a3954cb34f789d02dd3eac779e561f12373e2e23d24231
d176470e3d0236f8833574feaff246be41e4a93f1728e85d14c999f2e14c756a
d65de336244f8307a9e8547d2718a0e6602ac0e2ea692536383982a5a1ea1e26
d9fb9bb128e8299eac2601e1ae2c23c9d48f0e419cdbfed6992a66f12060e3c9
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d
df7fe6d3f845c72be37a0a00c032557df76fed34ca0dbb0800958cd098cb94d3
df8c4486d8fc9fe5c893f617970c1714f71515f3f6c2afcfecb0708c99d00af6
e21e30797be1d6efeb7b39bbedd43c2e906cf358583cdb55d3224e2b0ce92320
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5868a14238ba3fd43b1922aa6db736f4b05970b5162451f6e89c0fd70e84b08
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274
e67a15b4dd3c754b3dd32ae812ed806f30dd5d1120563f98a29b1f29f4b8235d
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
eb7e3e9cb4b00e5580caf5ec176ed75d9749bc80107fdaf4aa8c18249cf59cd9
ed06e8f62a4e88cfb2c286a6d068c158d4a69fa802074ed12c90ad8e786e03e9
ed0f760256b05d66f223c7ff284fea699067c5cbe24c8db9f86548ed21467c70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f155b93e1cd3ee48f9a1f343cd2b9ba27e7dc2b759cf3056ca6cc56627c1850e
f2f8aca9d72c042dddd87a76654c2aac050b6bd3bc4c05b4e88e64c064c3e71b
f5000b2170b5f39bae32246462d83608ddad8561f2cec98119006a78b0b70c5c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
fddeb4bb412a8dd0afe2d9573cd09e750c422c2c7c0c166c581116096dc1ee33
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffb323be3fdf2001a86ae2b4c6497294a054207ac27228f24fccae7048b6134a

www.t.ks.ua Open in urlscan Pro 88.198.13.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

69 %HTTPS

57 %IPv6

32 Domains

50 Subdomains

43 IPs

8 Countries

5451 kBTransfer

9102 kBSize

27 Cookies

6 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.t.ks.ua Open in urlscan Pro
88.198.13.114 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

69 %
HTTPS

57 %
IPv6

32
Domains

50
Subdomains

43
IPs

8
Countries

5451 kB
Transfer

9102 kB
Size

27
Cookies

200 HTTP transactions
4 data transactions