meteo.ua Open in urlscan Pro
144.76.77.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meteo.ua/
Effective URL:
https://meteo.ua/
Submission: On December 14 via api (December 14th 2022, 1:36:37 am UTC) from GB — Scanned from GB

Summary HTTP 146 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 25 domains to perform 146 HTTP transactions. The main IP is 144.76.77.2, located in Germany and belongs to HETZNER-AS, DE. The main domain is meteo.ua.
TLS certificate: Issued by R3 on December 5th 2022. Valid for: 3 months.

This is the only time meteo.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 21	144.76.77.2 144.76.77.2	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
10	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 4	3.124.135.253 3.124.135.253	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 2	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
146	29

21 144.76.77.2 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.2.77.76.144.clients.your-server.de

meteo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.135.253 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-135-253.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.254 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	692 KB
22	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 81 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	127 KB
21	meteo.ua 4 redirects meteo.ua	2 MB
19	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 49798 inv-nets.admixer.net — Cisco Umbrella Rank: 2447	202 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
7	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 399 bidder.criteo.com — Cisco Umbrella Rank: 734 mug.criteo.com — Cisco Umbrella Rank: 3032	9 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	100 KB
5	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 597 image2.pubmatic.com — Cisco Umbrella Rank: 882 image4.pubmatic.com — Cisco Umbrella Rank: 805	2 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
4	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6590 creativecdn.com — Cisco Umbrella Rank: 565	1020 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	4 KB
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4516 adservice.google.co.uk — Cisco Umbrella Rank: 7344	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 3983	20 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 218 secure.adnxs.com — Cisco Umbrella Rank: 430	3 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 639	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	141 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	800 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	746 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	122 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1545	350 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494	587 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	265 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 153658	351 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 662	40 KB
0	zmctrack.net Failed s.zmctrack.net Failed
146	25

	Domain	Requested by
22	pagead2.googlesyndication.com	meteo.ua pagead2.googlesyndication.com tpc.googlesyndication.com cdn.admixer.net googleads.g.doubleclick.net www.googletagservices.com
21	meteo.ua	4 redirects meteo.ua
20	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com meteo.ua
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	inv-nets.admixer.net	cdn.admixer.net
9	cdn.admixer.net	meteo.ua cdn.admixer.net
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com
4	bidder.criteo.com	static.criteo.net
4	x.bidswitch.net	4 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	image8.pubmatic.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ups.analytics.yahoo.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	creativecdn.com	1 redirects
2	ib.adnxs.com	1 redirects
2	prebid-eu.creativecdn.com	cdn.admixer.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	meteo.ua www.googletagmanager.com
1	secure.adnxs.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	mug.criteo.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	m.trafmag.com
1	static.criteo.net	cdn.admixer.net
1	www.google.co.uk
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
0	s.zmctrack.net Failed	meteo.ua
146	39

This site contains no links.

Subject Issuer	Validity	Valid
meteo.ua R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://meteo.ua/
Frame ID: C96057E8BC8B63C3E90AFD6E2D4C02F3
Requests: 68 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 9FF24DB237D92DE4115010FE9C6C5A37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: BB62325ACE5E97F7B106D4FB378584C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&adk=1812271804&adf=3025194257&lmt=1670981792&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791691&bpp=5&bdt=855&idt=314&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7233383170810&frm=20&pv=2&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: A187F09E75880BBCB9CCA85F1461B6C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=90&slotname=5555044044&adk=1322455905&adf=2696040145&pi=t.ma~as.5555044044&w=728&lmt=1670981792&format=728x90&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791696&bpp=1&bdt=860&idt=340&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sfaWs1w0cl&p=https%3A//meteo.ua&dtd=346
Frame ID: 7BB99010F389D22F3D9E6DB485B670D8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=600&slotname=1092537939&adk=4124563554&adf=3394633782&pi=t.ma~as.1092537939&w=300&lmt=1670981792&format=300x600&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791699&bpp=1&bdt=864&idt=349&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mcKfNaw26w&p=https%3A//meteo.ua&dtd=352
Frame ID: 79D33885D169A2F7CADCFA3EC27D2647
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 83B1DFF2EDFC70CF2E8B05BC72D41868
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=600&slotname=6676554023&adk=3461200028&adf=2750572493&pi=t.ma~as.6676554023&w=300&lmt=1670981792&format=300x600&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791699&bpp=1&bdt=864&idt=381&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CopeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=VS8mhvsMSY&p=https%3A//meteo.ua&dtd=384
Frame ID: E80917FF593FAB982800B5DB89EAC3B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 856CBB6F4B2A817F82568325F0B06A84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFF81A1B76ED8057B718707BA36AF9B2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: C167DD6C00146D65ADDB1C276EA24589
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AE2EAF65E7E32BFAB7349E7380DE996E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1A399E8AE7219AD2BE7123759DD05BE5
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=meteo.ua
Frame ID: 6D3581C1D3A106339F344F9B487636A2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD96B729EA74645801E28F202CA1C75D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842
Frame ID: E84D1C18E773978728DE554C2AE36A39
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 269185A2D87FA7607238E87C0A32378A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 5DE49D16E39675EEA5EB113289AE1F35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&adk=1812271804&adf=480832092&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793146&bpp=4&bdt=183&idt=162&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.u2qeoiaekuz5&fsb=1&dtd=181
Frame ID: CFD0CF5A63DAB2F5AEE11A045D832275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184
Frame ID: A9CEC3A493F674258099621C0BDD67DE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44B2AC5D6C9C606DB257CCC086F1A16F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 941D1E0C140E5BE8B9D7F21B6158B8AE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3B5990DA1897D13D2509E34BA0F884D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 1F3D93CD6F305BF3939A30063135312F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

METEO.UA™: Погода в Украине, прогноз погоды на неделю. Погода на сегодня, завтра и неделю в Украине

Page URL History Show full URLs

http://meteo.ua/ HTTP 301
https://meteo.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

146
Requests

90 %
HTTPS

53 %
IPv6

25
Domains

39
Subdomains

29
IPs

8
Countries

3094 kB
Transfer

6486 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meteo.ua/ HTTP 301
https://meteo.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Medium.woff2 HTTP 301
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-medium.woff2

Request Chain 5

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Regular.woff2 HTTP 301
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-regular.woff2

Request Chain 10

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Semibold.woff2 HTTP 301
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-semibold.woff2

Request Chain 64

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjIyNENBRUEtNzk5MS00MzYwLUI4MTQtOTFFOUZGRDlFODQz&gdpr=0&gdpr_consent={consent} HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D6224CAEA-7991-4360-B814-91E9FFD9E843 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6224CAEA-7991-4360-B814-91E9FFD9E843

Request Chain 65

https://x.bidswitch.net/sync?ssp=admixer&user_id=16f693eae0fd4bbcad89a3fa39d83c24&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=16f693eae0fd4bbcad89a3fa39d83c24&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=697082879330615914&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&gdpr=&consent=&gdpr_pd=

Request Chain 66

https://ib.adnxs.com/setuid?entity=533&code=16f693eae0fd4bbcad89a3fa39d83c24 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D16f693eae0fd4bbcad89a3fa39d83c24

Request Chain 67

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://gum.criteo.com/sid/json?origin=publishertag&domain=meteo.ua&sn=ChromeSyncframe&so=0&topUrl=meteo.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PVnnpnx0RXRYMmJranQyMW9Qa2I4N1FGSENqaklDdHFWa1AvaU00OCt4NjZNR3hlRjRGeFpTMHd1ZjUzZVFGTHlnTngrSS82V3pmeUNrR0EyTWllR3MrTzcwUGRDT3M1MHQxTjBrK1ZRK3diLzQ5NVhZUjZTcVlPM3ZoTk5FM0R3L3JkcG91bEc0bnM4MVBBaHI3ZjQ2eDZqNnU1c1JBd1pEakVjSXFFVnlwZ3FGRlNZUllmTmFiTlNIWnczUGc0WWVtM1UySGRQRkpvVG4wc3JDRis3bFhQSDd5NlNQRGUvUEdyZTkvUW8vdmVWOGNYaDB5NGxmd2QxM0pZa0VoMFg3ZW1iS0owUkxNR1NubldsUHozUURRQTh3UT09fA&cppv=2

Request Chain 138

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELRqALQD9MzqaGcShZNLfXo&google_cver=1&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLawIDQDfZJ8jzKS1Czs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxMjE1MzE2MzgwNjg2OQ%3D%3D&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLawIDQDfZJ8jzKS1Czs

Request Chain 139

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGOyXFJpbf0cz3Yada-3nk8&google_cver=1&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafHZJ5SWlyD2NbrhByOHSu4lGI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3MDgyODc5MzMwNjE1OTE0&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafHZJ5SWlyD2NbrhByOHSu4lGI

Request Chain 141

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-4nyb-q-DBZmBIyo_EAc8&google_cver=1&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9pUW5YFMnmKKQYTalLjAnI8AVHBQ7sZI HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-4nyb-q-DBZmBIyo_EAc8&google_cver=1&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9pUW5YFMnmKKQYTalLjAnI8AVHBQ7sZI&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RExDRjNaRTJ1RWc4dHNSd1BwWDhrV0hFN1JJSlREUX5B&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9pUW5YFMnmKKQYTalLjAnI8AVHBQ7sZI

Request Chain 142

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RFkl4WPloE3weVcowusBI0T0-fB6_IhBh-uFHeRjJEm_SmeYqMRV_RPFAVZWpd-VdRBc8ITGkbJKo0ye49iHXaysN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NzQ2ODI2OTkwNDM1MjU3NQ%3D%3D&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RFkl4WPloE3weVcowusBI0T0-fB6_IhBh-uFHeRjJEm_SmeYqMRV_RPFAVZWpd-VdRBc8ITGkbJKo0ye49iHXaysN

Request Chain 143

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIpkD7J1O3S_Go2Z8S1T_M0&google_cver=1&google_push=ASkJ3FYzQaw-Qg0OqAtkjUIpm1NT1sN4UqTJ8yOgc8euPvzJXvAy4Gr52yXOzbd_ZuDfqvzJVjnI5tL7xZRQ7aDBU_HpXvnAZO87BdB3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&%%GOOGLE_PUSH_PAIR%%

146 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
meteo.ua/
Redirect Chain

http://meteo.ua/
https://meteo.ua/

749 KB
141 KB

669ms
546ms

Document
text/html

144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://meteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.77.76.144.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

40f95afbf5a591a697d4ca6dd69cfd013c7c1a6e062859852e80d1363754754c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Dec 2022 01:36:30 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 14 Dec 2022 01:36:30 GMT
Location: https://meteo.ua/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 main-end.min.css
meteo.ua/markup/css/ 113 KB
16 KB 93ms
92ms Stylesheet
text/css 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/css/main-end.min.css?v=715
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 777bd8c038b2ec69c39b6c86235b4f63caa17cd961c78a00b5f05ee7f87d16aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:31:09 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"634d3cfd-1c572"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.min.css
meteo.ua/markup/css/meteo-ua/ 92 B
301 B 93ms
93ms Stylesheet
text/css 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/css/meteo-ua/custom.min.css?v=715
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 779159d0ad926c814c7cd4753062396062f33c5e4ffa198043e9fe83def368f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 08:43:35 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61f25b37-5c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
meteo.ua/uploads/21/08/30/ 4 KB
4 KB 61ms
60ms Image
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meteo.ua/uploads/21/08/30/logo.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1824ee2886642a25923dd7e59bf25d4b812eea1a034a230e6196deb5512d23ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
last-modified: Wed, 08 Sep 2021 09:21:09 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61388085-f2c"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3884
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
47 KB 164ms
62ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBDKJKF

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7550e3b976576da237321a6960dc7b947737856fe59de84226502c53b23ca87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47640
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 01:36:31 GMT

GET
H2

200

sfprodisplay-medium.woff2
meteo.ua/markup/font/sfprodisplay/
Redirect Chain

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Medium.woff2
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-medium.woff2

97 KB
98 KB

55ms
55ms

Font
application/octet-stream

144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-medium.woff2
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0c6a82db245ccdead24c2dffa62fe50553da0e3d5558d76fe2dba6101dbdef16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-185a0"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 99744
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 14 Dec 2022 01:36:30 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: text/html
location: /markup/font/sfprodisplay/sfprodisplay-medium.woff2
content-length: 178
x-xss-protection: 1; mode=block

GET
H2

200

sfprodisplay-regular.woff2
meteo.ua/markup/font/sfprodisplay/
Redirect Chain

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Regular.woff2
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-regular.woff2

87 KB
88 KB

57ms
57ms

Font
application/octet-stream

144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-regular.woff2
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a1c18cdb88e3752ef1e8243b98181bac203578d0bb6e8a312530170863b7424c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-15d70"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 89456
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 14 Dec 2022 01:36:30 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: text/html
location: /markup/font/sfprodisplay/sfprodisplay-regular.woff2
content-length: 178
x-xss-protection: 1; mode=block

GET
H2 200 map-ua-extra.png
meteo.ua/uploads/21/11/03/ 4 KB
4 KB 55ms
55ms Image
image/png 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meteo.ua/uploads/21/11/03/map-ua-extra.png
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bff6765fee7cf8f979aacbe81adf420fe199738945d02ff9cde22ae855382b96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
last-modified: Wed, 03 Nov 2021 14:22:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61829b34-1012"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4114
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
meteo.ua/ 622 KB
622 KB 412ms
412ms Image
text/html 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meteo.ua/

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.77.76.144.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization
x-xss-protection: 1; mode=block

GET
H2 200 logo_ua.svg
meteo.ua/markup/img/ 4 KB
4 KB 55ms
55ms Image
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meteo.ua/markup/img/logo_ua.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ed85eb75abde0b81a93dc50e83b315298e77208bb7c361dcf89112ad5217a8d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
last-modified: Thu, 22 Sep 2022 10:01:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "632c3288-fa7"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4007
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 build.min.js Show response
meteo.ua/markup/js/ 485 B
550 B 110ms
109ms Script
application/javascript 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/js/build.min.js?v=715
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7f0686db318a27df1b8708658b84f2b45edb5d9ac844258f251f343a0013990f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:30 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 11:34:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61efe04f-1e5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sfprodisplay-semibold.woff2
meteo.ua/markup/font/sfprodisplay/
Redirect Chain

https://meteo.ua/markup/font/sfprodisplay/SFProDisplay-Semibold.woff2
https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-semibold.woff2

98 KB
98 KB

55ms
55ms

Font
application/octet-stream

144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/font/sfprodisplay/sfprodisplay-semibold.woff2
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 435025a4300a35e95c2c15c0d09aadd1604a085975579e4bc1156816fa1e93f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-18768"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 100200
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: text/html
location: /markup/font/sfprodisplay/sfprodisplay-semibold.woff2
content-length: 178
x-xss-protection: 1; mode=block

POST z
s.zmctrack.net/ Frame 9FF2 0
0

GET
H2 200 custom.min.js Show response
meteo.ua/markup/js/meteo-ua/ 29 B
283 B 56ms
56ms Script
application/javascript 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/js/meteo-ua/custom.min.js?v=715
Requested by: Host: meteo.ua
URL: https://meteo.ua/markup/js/build.min.js?v=715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4bd71d1ea09684267ef165ab410515c1775f6d35931da213a57a1466d9042f5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 07:41:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61975525-1d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.js Show response
meteo.ua/markup/js/ 443 KB
129 KB 61ms
61ms Script
application/javascript 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/js/main.min.js?v=715
Requested by: Host: meteo.ua
URL: https://meteo.ua/markup/js/build.min.js?v=715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 97f535dc95a690af2f1feb4c96d997ae6849bb18e55ae5485123a483030a7d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:31:09 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"634d3cfd-6eae5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 149ms
47ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDKJKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 01:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1245
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 03:15:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2S2P3LM20F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDKJKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

504a1deddfa87e4710633623b20a0de36b1249a315452500ab0d456e485beceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 01:36:31 GMT

GET
H2 200 sprite.svg
meteo.ua/markup/img/ 122 KB
122 KB 55ms
54ms Other
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/img/sprite.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/markup/js/main.min.js?v=715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0f6384d5e39776fbef8f86437737abf5d2975aa2756932cf03755e2584b470dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-1e828"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124968
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sprite.svg
meteo.ua/markup/img/ 122 KB
122 KB 55ms
54ms Image
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meteo.ua/markup/img/sprite.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/markup/js/main.min.js?v=715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0f6384d5e39776fbef8f86437737abf5d2975aa2756932cf03755e2584b470dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-1e828"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124968
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.svg
meteo.ua/markup/img/bg/ 60 KB
61 KB 55ms
54ms Image
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meteo.ua/markup/img/bg/main.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4371793711f7434b6e02e85e641cca4c4775c0444465b2d33b2d0976c0fb04fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
last-modified: Wed, 01 Sep 2021 08:59:29 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "612f40f1-f11a"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 61722
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 138ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2S2P3LM20F&gtm=2oebu0&_p=1457406554&cid=367695886.1670981791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670981791&sct=1&seg=0&dl=https%3A%2F%2Fmeteo.ua%2F&dt=METEO.UA%E2%84%A2%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E.%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20%D0%B8%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2S2P3LM20F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite.svg
meteo.ua/markup/img/ 122 KB
122 KB 67ms
67ms Other
image/svg+xml 144.76.77.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://meteo.ua/markup/img/sprite.svg
Requested by: Host: meteo.ua
URL: https://meteo.ua/markup/js/main.min.js?v=715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.77.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.2.77.76.144.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0f6384d5e39776fbef8f86437737abf5d2975aa2756932cf03755e2584b470dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
last-modified: Wed, 12 Jan 2022 09:04:23 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61de9997-1e828"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124968
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 156ms
55ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1457406554&t=pageview&_s=1&dl=https%3A%2F%2Fmeteo.ua%2F&ul=en-us&de=UTF-8&dt=METEO.UA%E2%84%A2%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E.%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20%D0%B8%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1298163953&gjid=2033990829&cid=367695886.1670981791&tid=UA-22113067-1&_gid=1829720191.1670981791&_r=1&gtm=2wgbu0KBDKJKF&z=960347620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 155ms
56ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1457406554&t=pageview&_s=1&dl=https%3A%2F%2Fmeteo.ua%2F&ul=en-us&de=UTF-8&dt=METEO.UA%E2%84%A2%3A%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%2C%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E.%20%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20%D0%B8%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=688494855&gjid=1230129356&cid=367695886.1670981791&tid=UA-22113067-3&_gid=1829720191.1670981791&_r=1&gtm=2wgbu0KBDKJKF&z=1786157927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 186ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb1c58545575db7e011914a8a08e5172b996d5c2c0856005bb52550ab0e4ec1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Origin: https://meteo.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49580
x-xss-protection: 0
server: cafe
etag: 14538327144195433294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:31 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 528ms
125ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:42 GMT
server: nginx
etag: W/"6375fd62-2c101"
x-cached-since: 2022-12-14T01:28:18+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Wed, 23 Nov 2022 10:15:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 132ms
43ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22113067-1&cid=367695886.1670981791&jid=1298163953&gjid=2033990829&_gid=1829720191.1670981791&_u=YADAAEAAAAAAACAAI~&z=749797682

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meteo.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 163ms
58ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22113067-1&cid=367695886.1670981791&jid=1298163953&_u=YADAAEAAAAAAACAAI~&z=101852839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 170ms
59ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22113067-1&cid=367695886.1670981791&jid=1298163953&_u=YADAAEAAAAAAACAAI~&z=101852839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 188ms
90ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4044640932202842&plah=meteo.ua&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599d25c3e9ce4a95bb76cf527284ac770ba6f2edbf469891ea68f9887c85151e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119969
x-xss-protection: 0
server: cafe
etag: 14123867309243879922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame BB62 10 KB
5 KB 155ms
49ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 30621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 17:06:10 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 17:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
693 B 169ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=meteo.ua&callback=_gfp_s_&client=ca-pub-4044640932202842&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4044640932202842&plah=meteo.ua&bust=31071168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484611811944e5cfdfac774736bfc5507a281739034b1c4d3b2c874d0544954e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 215ms
64ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 171ms
61ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
85ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&tn=DIV&id=choiceLanguage&cls=modal%20modal-custom%20show&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 84ms
84ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A187 157 KB
44 KB 330ms
229ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&adk=1812271804&adf=3025194257&lmt=1670981792&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791691&bpp=5&bdt=855&idt=314&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7233383170810&frm=20&pv=2&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67e0c8ef79fbaa5b3a80db4711fcc3972d588bae4a4d28a6bb2d1a58d9d1c6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45477
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 189ms
72ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efbf865099a286260eea01d5ba8626dce3a43c4735f9acf93dba81348e64a4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11144
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BB9 85 KB
31 KB 355ms
266ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=90&slotname=5555044044&adk=1322455905&adf=2696040145&pi=t.ma~as.5555044044&w=728&lmt=1670981792&format=728x90&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791696&bpp=1&bdt=860&idt=340&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sfaWs1w0cl&p=https%3A//meteo.ua&dtd=346

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae80a2aaf0bbf0ca6b68a4517d60e24368eab10cdc9bb5438b18a913cc23e788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32029
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79D3 436 B
235 B 333ms
253ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=600&slotname=1092537939&adk=4124563554&adf=3394633782&pi=t.ma~as.1092537939&w=300&lmt=1670981792&format=300x600&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791699&bpp=1&bdt=864&idt=349&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mcKfNaw26w&p=https%3A//meteo.ua&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28dec5532b81543ccf1c8563c38f236b61f15801818c77861fd06f52260753d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/51428/ Frame 83B1 738 B
542 B 114ms
113ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Wed, 14 Dec 2022 01:36:32 GMT
etag: W/"6375fd72-2e2"
expires: Wed, 29 Nov 2023 16:49:41 GMT
last-modified: Thu, 17 Nov 2022 09:22:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:49:41+00:00
x-id: fr5-up-gc37

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/51428/ 23 KB
8 KB 118ms
118ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:56 GMT
server: nginx
etag: W/"6375fd70-5d41"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:28:14+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:28:13 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/51428/ 75 KB
20 KB 129ms
129ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:47 GMT
server: nginx
etag: W/"6375fd67-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:49:44+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 16:49:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E809 436 B
234 B 283ms
234ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=600&slotname=6676554023&adk=3461200028&adf=2750572493&pi=t.ma~as.6676554023&w=300&lmt=1670981792&format=300x600&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791699&bpp=1&bdt=864&idt=381&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CopeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=VS8mhvsMSY&p=https%3A//meteo.ua&dtd=384

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d069ae35e0c0e7eb7732bee36c0078f016d5cde689df80dade9f473125ef6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 201ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 8 KB
3 KB 166ms
52ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5131705298945013&cpv=7aaed084-a307-eab5-2f69-ecde1a809ce0&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227cf36016-0bd0-3570-0296-12eb305a5672%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fmeteo.ua%252F%25232022-12-14--03-00%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226b4b62b3-b1db-ebd5-d626-941991d3ddec%22%2C%22tagid%22%3A%22caa3c784-e1f7-425c-ac54-4ea8110e5f86%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_caa3c784e1f7425cac544ea8110e5f86_zone_5435_sect_995_site_982%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%220af0ba9a-42ff-85b3-affa-5bcf47b5b955%22%2C%22tagid%22%3A%222f4a597f-51b9-4403-9d73-83202af42d51%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2f4a597f51b944039d7383202af42d51_zone_7332_sect_995_site_982%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2206651bdc-a9ba-e5d0-515e-2dfdbb940086%22%2C%22tagid%22%3A%22cfc7d84e-2bb3-4f5f-8d1a-554cdf7dae18%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cfc7d84e2bb34f5f8d1a554cdf7dae18_zone_8424_sect_995_site_982%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

783faf491d105d77aa261aad743939693dfbbc159027e60cb12cd2d7ca8e07f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:36:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 2358
X-Xss-Protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7BB9 8 KB
1 KB 159ms
55ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=90&slotname=5555044044&adk=1322455905&adf=2696040145&pi=t.ma~as.5555044044&w=728&lmt=1670981792&format=728x90&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791696&bpp=1&bdt=860&idt=340&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sfaWs1w0cl&p=https%3A//meteo.ua&dtd=346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:33:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7BB9 2 KB
765 B 205ms
86ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7BB9 23 KB
9 KB 176ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7BB9 3 KB
1 KB 167ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7BB9 18 KB
7 KB 187ms
68ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BB9 153 KB
47 KB 168ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 7BB9 34 KB
15 KB 180ms
56ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 20:17:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517da58e76ba7a9cc84352604ebbb7d71268469a77244e265540dd773aff607c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52354
x-xss-protection: 0
server: cafe
etag: 2764835748408301230
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7BB9 0
0 95ms
95ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY4UyoCiZY6-5CtvVgAed-pfACdnM1uVtj6Wzot8Qg664nL0BEAEg4orYBWC7hoCA0AqgAeKy_vEoyAEBqQJnVYqH7daxPqgDAcgDywSqBLEBT9AdMgVPx4LvG8yIB3YNcyVgrJqJwo89Mq2RquN9CWasHVhSsUVqiiqsolp5aHDnxmbqVnRA7s3yTOX_FcKC6FQTCBwJru6ZVAQAibzkGtpgBxjNFBJe0dio63BDNqcT8iGsuCGVuSso-X9XVanYzJ4aIOx3Kyzp9dWlF0tkJFpwAkpbIxdksGEpUKJfwQMN0SovIuQR3Ay7DCZxbPUBar1BVDJ9f3hU8xGo0L0VP3vJwAS2mLCEpQSSBQQIBBgBkgUECAUYBIAH4urO0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC39QHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MDQ0NjQwOTMyMjAyODQyGAA&sigh=H0u1arXGkak&uach_m=[UACH]&cid=CAQSGwDq26N9-coZ1XO6sBLP2UmD5Y-SSRY-Qr_v9xgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=90&slotname=5555044044&adk=1322455905&adf=2696040145&pi=t.ma~as.5555044044&w=728&lmt=1670981792&format=728x90&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791696&bpp=1&bdt=860&idt=340&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sfaWs1w0cl&p=https%3A//meteo.ua&dtd=346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/51428/ 28 KB
11 KB 124ms
123ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:01 GMT
server: nginx
etag: W/"6375fd75-702f"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:29:40+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:29:40 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/51428/ 42 KB
18 KB 134ms
133ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-a793"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:29:34+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:29:34 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/51428/ 13 KB
5 KB 115ms
114ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:54 GMT
server: nginx
etag: W/"6375fd6e-326c"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:28:21+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:28:21 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/51428/ 11 KB
4 KB 154ms
154ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:53 GMT
server: nginx
etag: W/"6375fd6d-2a79"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:28:21+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:28:21 GMT

GET
H2 200 f744d5275c14e0b3b41a.b.js Show response
cdn.admixer.net/scripts3/51428/ 216 KB
75 KB 147ms
147ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-360b6"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:28:34+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:28:34 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 150ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://meteo.ua
date: Wed, 14 Dec 2022 01:36:32 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 162ms
55ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Dec 2022 01:36:32 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 149ms
43ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://meteo.ua
date: Wed, 14 Dec 2022 01:36:32 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 283ms
69ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=16f693eae0fd4bbcad89a3fa39d83c24
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 14 Dec 2022 01:36:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjIyNENBRUEtNzk5MS00MzYwLUI4MTQtOTFFOUZGRDlFODQz&gdpr=0&gdpr_consent={consent}
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D6224CAEA-7991-4360-B814-91E9F...
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6224CAEA-7991-4360-B814-91E9FFD9E843

43 B
463 B

59ms
59ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6224CAEA-7991-4360-B814-91E9FFD9E843

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:36:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=6224CAEA-7991-4360-B814-91E9FFD9E843
date: Wed, 14 Dec 2022 01:36:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=16f693eae0fd4bbcad89a3fa39d83c24&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=16f693eae0fd4bbcad89a3fa39d83c24&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admixer
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=70&user_id=697082879330615914&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&gdpr=&consent=&gdpr_pd=

43 B
463 B

54ms
54ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&gdpr=&consent=&gdpr_pd=

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:36:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&gdpr=&consent=&gdpr_pd=
date: Wed, 14 Dec 2022 01:36:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=16f693eae0fd4bbcad89a3fa39d83c24
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D16f693eae0fd4bbcad89a3fa39d83c24

43 B
849 B

50ms
49ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D16f693eae0fd4bbcad89a3fa39d83c24

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:36:32 GMT
AN-X-Request-Uuid: b2bad776-e81f-46db-af88-615bd67d9dfe
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:36:32 GMT
AN-X-Request-Uuid: 97b2196b-739a-4b6d-980b-1c95563b7821
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D16f693eae0fd4bbcad89a3fa39d83c24
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

45ms
45ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 14 Dec 2022 01:36:32 GMT, Wed, 14 Dec 2022 01:36:32 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Wed, 14 Dec 2022 01:36:32 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 856C 13 KB
5 KB 145ms
59ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 9228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:02:44 GMT
expires: Wed, 13 Dec 2023 23:02:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CFF8 783 B
532 B 155ms
58ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cda23cc379e9e41b1bced8b220920a6e5a5957867f177c4335bd3e090fb9458f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bghQrwTcJ4fCXVvbciaNEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-bghQrwTcJ4fCXVvbciaNEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 152ms
55ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 150ms
55ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame C167 10 KB
4 KB 49ms
49ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 83349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C167 4 KB
709 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:46:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C167 205 B
518 B 59ms
58ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:31:19 GMT
x-content-type-options: nosniff
age: 7513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Dec 2023 23:31:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C167 604 B
694 B 59ms
59ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:21:39 GMT
x-content-type-options: nosniff
age: 8093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Dec 2023 23:21:39 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame C167 19 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 06:12:58 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 46ms
46ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=16f693eae0fd4bbcad89a3fa39d83c24&zone=2F4A597F-51B9-4403-9D73-83202AF42D51&device=28&rule=C8CEEB57-253A-4573-9BE1-6C8F5F6C9B3E&requestId=b95abef4-8d83-4989-87b7-3b22a155975b&hp=1023913995&page=meteo.ua%2F%232022-12-14--03-00&segments=497%2C2%2C7&ts=638065785923817726&ap=MA%3D%3D&asign=-998171590&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=EC22C9D7-50A2-4F92-8DE0-2C6FE57A0518&inst=ADS-EU-6&pxl=0&pvid=e981aeeb-6990-453b-afc7-f0124254447d&ip=217.138.196.105&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 94ms
47ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=16f693eae0fd4bbcad89a3fa39d83c24&zone=2F4A597F-51B9-4403-9D73-83202AF42D51&device=28&rule=34CC2052-25D0-4C7D-8B2D-F541FB9F1A0C&requestId=b95abef4-8d83-4989-87b7-3b22a155975b&hp=1023913995&page=meteo.ua%2F%232022-12-14--03-00&segments=7%2C497%2C2&ts=638065785923817726&ap=MA%3D%3D&asign=-998171590&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=EC22C9D7-50A2-4F92-8DE0-2C6FE57A0518&inst=ADS-EU-6&pxl=0&pvid=e981aeeb-6990-453b-afc7-f0124254447d&ip=217.138.196.105&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 856C 36 KB
16 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CFF8 0
0 84ms
84ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=307355481368742&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE2E 143 B
166 B 48ms
48ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=90&slotname=5555044044&adk=1322455905&adf=2696040145&pi=t.ma~as.5555044044&w=728&lmt=1670981792&format=728x90&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981791696&bpp=1&bdt=860&idt=340&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=20&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981792&ga_hid=1457406554&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767166%2C31071168%2C44779794%2C44778768%2C44780792&oid=2&pvsid=307355481368742&tmod=330786373&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sfaWs1w0cl&p=https%3A//meteo.ua&dtd=346
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 00:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7BB9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aa599e0aa2f0c44f9eaadfa8713a61e41d05f55a78364ba79b3cfd879418399

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1A39 8 KB
895 B 185ms
65ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1A39 2 KB
765 B 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1A39 23 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1A39 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1A39 18 KB
7 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A39 153 KB
47 KB 160ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:36:32 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 1A39 34 KB
14 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 17:06:09 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6D35 15 KB
6 KB 128ms
42ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=meteo.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 383018
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ 227 B
461 B 166ms
47ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=39287494711

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1e7ee9a9ee0a86107de56ffb1854c6a3f4962fb8c2d21064d8fac2e0a75468d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 01:36:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://meteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 198

POST
H2 200 cdb Show response
bidder.criteo.com/ 227 B
460 B 163ms
48ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=214756493

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bd33ac673bf14d1f3c2be23af5fc2373e8e3f8adab2a3d1bcd2cc2aa74d1a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://meteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 198

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7BB9 28 KB
28 KB 166ms
51ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 577961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD96 143 B
166 B 49ms
48ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 00:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
58ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 856C 0
10 B 52ms
52ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hnqzcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD96
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
56ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
expires: Wed, 14 Dec 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6D35
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=meteo.ua&sn=ChromeSyncframe&so=0&topUrl=meteo.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PVnnpnx0RXRYMmJranQyMW9Qa2I4N1FGSENqaklDdHFWa1AvaU00OCt4NjZNR3hlRjRGeFpTMHd1ZjUzZVFGTHlnTngrSS82V3pmeUNrR0EyTWllR3MrTzcwUGRDT3M1MHQxTjBrK1ZRK3diLzQ5NVhZUjZTcVlPM3ZoTk...

468 B
665 B

135ms
44ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PVnnpnx0RXRYMmJranQyMW9Qa2I4N1FGSENqaklDdHFWa1AvaU00OCt4NjZNR3hlRjRGeFpTMHd1ZjUzZVFGTHlnTngrSS82V3pmeUNrR0EyTWllR3MrTzcwUGRDT3M1MHQxTjBrK1ZRK3diLzQ5NVhZUjZTcVlPM3ZoTk5FM0R3L3JkcG91bEc0bnM4MVBBaHI3ZjQ2eDZqNnU1c1JBd1pEakVjSXFFVnlwZ3FGRlNZUllmTmFiTlNIWnczUGc0WWVtM1UySGRQRkpvVG4wc3JDRis3bFhQSDd5NlNQRGUvUEdyZTkvUW8vdmVWOGNYaDB5NGxmd2QxM0pZa0VoMFg3ZW1iS0owUkxNR1NubldsUHozUURRQTh3UT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e5a218c8d613094db9c58250857a837e09d0e087da62e865e3ad013385ba72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1288674
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PVnnpnx0RXRYMmJranQyMW9Qa2I4N1FGSENqaklDdHFWa1AvaU00OCt4NjZNR3hlRjRGeFpTMHd1ZjUzZVFGTHlnTngrSS82V3pmeUNrR0EyTWllR3MrTzcwUGRDT3M1MHQxTjBrK1ZRK3diLzQ5NVhZUjZTcVlPM3ZoTk5FM0R3L3JkcG91bEc0bnM4MVBBaHI3ZjQ2eDZqNnU1c1JBd1pEakVjSXFFVnlwZ3FGRlNZUllmTmFiTlNIWnczUGc0WWVtM1UySGRQRkpvVG4wc3JDRis3bFhQSDd5NlNQRGUvUEdyZTkvUW8vdmVWOGNYaDB5NGxmd2QxM0pZa0VoMFg3ZW1iS0owUkxNR1NubldsUHozUURRQTh3UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 691798
content-length: 0
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
209 B 47ms
46ms Ping
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://meteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 47ms
47ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=16f693eae0fd4bbcad89a3fa39d83c24&zone=2F4A597F-51B9-4403-9D73-83202AF42D51&device=28&rule=34CC2052-25D0-4C7D-8B2D-F541FB9F1A0C&requestId=b95abef4-8d83-4989-87b7-3b22a155975b&hp=1023913995&page=meteo.ua%2F%232022-12-14--03-00&segments=2%2C7%2C497&ts=638065785923817726&ap=MA%3D%3D&asign=-998171590&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=EC22C9D7-50A2-4F92-8DE0-2C6FE57A0518&inst=ADS-EU-6&pxl=0&pvid=e981aeeb-6990-453b-afc7-f0124254447d&ip=217.138.196.105&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E84D 145 KB
48 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d05f1b0a7539323d19f62af266a04dc9f5414b0f44e71eb9f85b4eae396338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Origin: https://meteo.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49604
x-xss-protection: 0
server: cafe
etag: 16652368982534897857
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:33 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
209 B 50ms
50ms Ping
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meteo.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 01:36:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://meteo.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 51ms
51ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=16f693eae0fd4bbcad89a3fa39d83c24&zone=2F4A597F-51B9-4403-9D73-83202AF42D51&device=28&rule=34CC2052-25D0-4C7D-8B2D-F541FB9F1A0C&requestId=b95abef4-8d83-4989-87b7-3b22a155975b&hp=1023913995&page=meteo.ua%2F%232022-12-14--03-00&segments=2%2C7%2C497&ts=638065785923817726&ap=MA%3D%3D&asign=-998171590&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=EC22C9D7-50A2-4F92-8DE0-2C6FE57A0518&inst=ADS-EU-6&pxl=0&pvid=e981aeeb-6990-453b-afc7-f0124254447d&ip=217.138.196.105&item=33EFBBFB-8ECB-48BB-82A8-B665AE56F28E&crid=33EFBBFB-8ECB-48BB-82A8-B665AE56F28E&size=580x400&profile=B39DA98F-F163-4CAD-8BA0-E2A1CF3E84F9&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 80ms
47ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=16f693eae0fd4bbcad89a3fa39d83c24&cet=4&zone=2F4A597F-51B9-4403-9D73-83202AF42D51&rule=AFB378E0-7EEF-45A6-9176-E2C450BD8E0E&requestId=b95abef4-8d83-4989-87b7-3b22a155975b&hp=1023913995&page=meteo.ua%2F%232022-12-14--03-00&pvid=e981aeeb-6990-453b-afc7-f0124254447d&inst=ADS-EU-6&ts=638065785923817726&sf=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 01:36:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2691 36 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DE4 36 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ Frame E84D 355 KB
117 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4044640932202842&plah=meteo.ua&bust=31071277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4044640932202842

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30bc73b0b1b3f5ceaefff4e2a62fb3cea85145bf14a4742b1c857568c2e41db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119725
x-xss-protection: 0
server: cafe
etag: 4488604598008995688
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:33 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E84D 12 B
53 B 156ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=meteo.ua&callback=_gfp_s_&client=ca-pub-4044640932202842&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4044640932202842&plah=meteo.ua&bust=31071277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame E84D 107 B
122 B 58ms
58ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E84D 107 B
122 B 59ms
58ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=meteo.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E84D 0
20 B 85ms
85ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E84D 0
20 B 85ms
84ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: meteo.ua
URL: https://meteo.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFD0 10 KB
4 KB 125ms
124ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&adk=1812271804&adf=480832092&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793146&bpp=4&bdt=183&idt=162&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.u2qeoiaekuz5&fsb=1&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc239e80927a3e7606248573183acf62154e988bf36cf0692959d16f62fba615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 4496
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E84D 15 KB
11 KB 66ms
66ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96fc918b680a7ab13ad2a6e0d28230bbcd4cb9307590f66acda17c47d9b051a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11208
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9CE 103 KB
35 KB 227ms
227ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7b582a86d034b2f514ab80f139966e01cf34739894c318492b9666d9d18a91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36135
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E84D 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:36:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
85ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=307355481368742&bg=!CQqlCk7NAAYgquz3AKo7ACkAdvg8Wuyxy3xAIDQn7hVYlv2pTvl9jiIZmj_CRibd7MH0E7sk7seGGwIAAABYUgAAAAJoAQcKAOBZSw4PgHYUlbLfBbrx1ZxuXObAMJoR2ev0Jcifya-eKmF4SvYMm8OmcAkNeeWrHHVTqFT1BFD6IUdAn3WClkmfh_pySeA7wBbcNfmq4MEXUgHZFlcgGS0zm6BrALlvVa9ZWdOHzgz4_kAMu4dOIF4jgwoFwVbMh9osZmKwAU4GDhCiWjw5RR5qhs80qHscYHJGDlIDsC4QTYe_qXyoOQuIdGdTag16Ns-71NySvj-Oi84AFVzvYXoCSsKlbcu0ZdxNREFyl2gq7hG1CiMfGJFme48-HI9pBLjyJXuXvB9bgpkCjv7lOxEuRtpoREMYs7Ax3DWI0xbeU4xvickfpfDVkg6lX6jTSeHmE8h5-1AzeGvk9pi743X_vjn32Yz8Ra9qOL-a7alkV1gy8RbPtLtn_UwEN67aIJ_kTbnU7zQWbyAmcAzFoiGV3y14gMFE7_wLoXnIxYjg3hoVMGjDfO6aLaHaW3Miq0OX9zeYA5fXKIHmKGDbCTfmWD9iL5Qif13l_Ybgix_ycGK6Q332lbarqQGiHruWGwzXUPAqj9tRybk-Jba6Qn0OZ1YXBj98nWWnEn-1-8QzUbDwc9AjBpKXN4PjHt_bOYncbUx76fbElzoJ7KbOmwOyvD5-AFUrzXDgTA1ZYGu6SFsKKizfc6AVjcJ55GCiULQ7L0IevRzMexBFLhvW6BLHIQpCaVm22L0YPxn0ogZP__BlPULyLic7mDdlIsO21_vU4kPN1kJqAoFMLVPLg-sHHo7xk7BH6szKyAxx-z0MtkwpYFJQxK8eqw_H0Rs0Tbar7MSrrNpLypIBgSwJ9sIPQ0JYJJp2Op8zLCVVNGeHVJh_ZGSdaIPyFkqaDlwjEGc8SQ_SVz7CVVyIjLFR4uzjNS0ZUA8dh8xn3K8rPR_vzLkP9a1QpdLbKv9ZbRyN0zlfWk1P3Wai4kLHGRA18zPcBWx6RiFUgagB6aLuJRh0PhHWEzUrbHrOo2VysXogJaQwrIoox-3NUZ93DGIDHlPvH1a_HWATwgwDbbWKG5P9OdMfJYd4p-rF6T3-9hkKqxY8U02521yymT3-hWeKwYxaGcSxQHU_UpMJkGtQolEf4GwHdSJcKDVPOE_F3y_uJWEVt5Kc51K6EKE8_13X8rxp7qF_TuFnoM86_A4VqKHMsC6nAO7DRlw2OQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44B2 13 KB
5 KB 50ms
49ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 9229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:02:44 GMT
expires: Wed, 13 Dec 2023 23:02:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 941D 783 B
534 B 57ms
56ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ae25c194f2ec4ba18a9503c226c73f1c2e7d4604b12451a407a0abf8d610a2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uxBlObDCcHWed4aU4qhdQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meteo.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-uxBlObDCcHWed4aU4qhdQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 01:36:33 GMT
expires: Wed, 14 Dec 2022 01:36:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 44B2 36 KB
16 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 941D 0
0 83ms
83ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2161166436625988&rc=
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame A9CE 8 KB
895 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 01:26:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 01:36:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A9CE 2 KB
765 B 47ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9CE 0
0 94ms
93ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM6xKoSiZY674FvrZ-gb5hai4DZOOkvhtia6AxMIQuuHomcsBEAEg4orYBWC7hoCA0AqgAZ-48YwpyAEJqQJnVYqH7daxPqgDAcgDywSqBLABT9AKNmOS102u83eaolNr2zBmhGC9NSaB3C2kSQbfxNNHCu56LaGNXkrISKjgNlbbFpYlZW_W5wnTG-HliuCXW8wCX5xQGaCou3h85CmRfaMgcJPCAu-t18_hWezzRtTcVljAOMI9LuX9CKChQEHLW-Qq4EPpyMg6wBxQm03RpyfCQc5h_S93J4qg-J7JzB8z3dSyW0GWcBWilZeZRckwf7fwXcaHrBP1eeYGnxFWn9LABP_xz7eTBJIFBAgEGAGSBQQIBRgEoAYugAef8MHsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMiPA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTQwNDQ2NDA5MzIyMDI4NDIYAA&sigh=H7zgf0jmzDI&uach_m=[UACH]&cid=CAQSOwDq26N9YBAxNCKSbNAtL0E0CpEBXPPv2aM1L8ZObqmBl1aEvL2DiThxTFzm0gODaltHGaOYQJz1AVR0GAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A9CE 23 KB
9 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A9CE 3 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 22:55:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A9CE 18 KB
7 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9CE 153 KB
47 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 01:36:33 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame A9CE 34 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 20:17:57 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5516828436038480020/ Frame A9CE 121 KB
121 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5516828436038480020/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba39a88a1887e575637dc2cec1a6e3bbf0410dd16021c8209495ac614420a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 21:30:02 GMT
x-content-type-options: nosniff
age: 187591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123995
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:04:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 21:30:02 GMT

GET
DATA 200
OK truncated
/ Frame A9CE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A9CE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3B5 1 KB
643 B 48ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9CE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e25bb4c8697cb8662a901178d5da08c06806f07d591b5ede1b3454111e5aaf8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 44B2 0
10 B 62ms
61ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i3vm2Q
Requested by: Host: meteo.ua
URL: https://meteo.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A9CE 28 KB
28 KB 144ms
47ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 577962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:03:51 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B3B5 70 B
265 B 154ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEwnOZ9FuvNZYHt9AJwsXeE&google_cver=1&google_push=ASkJ3FZXwYtTa21Zg769xuVct5M1YW6mcjjO_zUDs53HHILD_KvXD-7jap1M2X9oS6rvSzt0JTu1AbHg0ML50AaoWNiE-DPwmjUK9W8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3B5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELRqALQD9MzqaGcShZNLfXo&google_cver=1&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLa...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxMjE1MzE2MzgwNjg2OQ%3D%3D&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLawIDQ...

170 B
188 B

58ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxMjE1MzE2MzgwNjg2OQ%3D%3D&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLawIDQDfZJ8jzKS1Czs

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjgxMjE1MzE2MzgwNjg2OQ%3D%3D&google_push=ASkJ3FYGSPRk1cWAU7PcCzRnvyAM5YMAWJbMEwA242YMrzu6xa_mGief9h5hz81ZEGkbd4rWFIb10eree9tMLawIDQDfZJ8jzKS1Czs
Date: Wed, 14 Dec 2022 01:36:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3B5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGOyXFJpbf0cz3Yada-3nk8&google_cver=1&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3MDgyODc5MzMwNjE1OTE0&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafH...

170 B
188 B

99ms
61ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3MDgyODc5MzMwNjE1OTE0&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafHZJ5SWlyD2NbrhByOHSu4lGI

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3MDgyODc5MzMwNjE1OTE0&google_push=ASkJ3FZRD8AX-I8AMGbf_e4l9focbevIasqSoJl5wlfnwU6_TqAh4m6EJlwDkzoaqjg4hI_AquHIvafHZJ5SWlyD2NbrhByOHSu4lGI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame B3B5 43 B
350 B 145ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEI3ZcRnEM42AJ03cPoc8DOM&google_cver=1&google_push=ASkJ3FYX2nnMIYkyC48OwahBilFueBor2lu2Md2_NWtJ7pqxT-HeL8UDaKPHAF-1IOhyyCEPVCHCfnM4tXXIFgPHAGK0TwSSc7JxK1o
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4044640932202842&output=html&h=333&slotname=7997035246&adk=3507679953&adf=2751417943&pi=t.ma~as.7997035246&w=650&format=650x333&url=https%3A%2F%2Fmeteo.ua%2F%232022-12-14--03-00&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670981793150&bpp=1&bdt=187&idt=180&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&cookie=ID%3D253992925687595b-22547d930fda005a%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw&gpic=UID%3D00000b925e9fc526%3AT%3D1670981792%3ART%3D1670981792%3AS%3DALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA&prev_fmts=0x0&nras=1&correlator=7233383170810&frm=23&ife=5&pv=1&ga_vid=367695886.1670981791&ga_sid=1670981793&ga_hid=1611800385&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1041&biw=1600&bih=1200&isw=650&ish=333&ifk=2073020047&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531848%2C31071277%2C44780792&oid=2&pvsid=2161166436625988&tmod=1795586039&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C333&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.qr8nb7cyyvqb&fsb=1&dtd=184
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ih0g723ebdp07ffpr8gon430edh5jinm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3B5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-4nyb-q-DBZmBIyo_EAc8&google_cver=1&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9p...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-4nyb-q-DBZmBIyo_EAc8&google_cver=1&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9p...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RExDRjNaRTJ1RWc4dHNSd1BwWDhrV0hFN1JJSlREUX5B&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdY...

170 B
188 B

57ms
57ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RExDRjNaRTJ1RWc4dHNSd1BwWDhrV0hFN1JJSlREUX5B&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9pUW5YFMnmKKQYTalLjAnI8AVHBQ7sZI

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01RExDRjNaRTJ1RWc4dHNSd1BwWDhrV0hFN1JJSlREUX5B&google_push=ASkJ3FbeKc2ULlF73dyRrknoYtGq-0r-8W2CAFUOiA6uvtTkdzXHghhdYriTM_eSuPXDplGJ9pUW5YFMnmKKQYTalLjAnI8AVHBQ7sZI
date: Wed, 14 Dec 2022 01:36:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3B5
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RF...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NzQ2ODI2OTkwNDM1MjU3NQ%3D%3D&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RFkl4WPloE3weVcowus...

170 B
188 B

63ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NzQ2ODI2OTkwNDM1MjU3NQ%3D%3D&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RFkl4WPloE3weVcowusBI0T0-fB6_IhBh-uFHeRjJEm_SmeYqMRV_RPFAVZWpd-VdRBc8ITGkbJKo0ye49iHXaysN

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 01:36:33 GMT
AN-X-Request-Uuid: 6faa288f-0bd3-4744-b412-23cf6de29406
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5NzQ2ODI2OTkwNDM1MjU3NQ%3D%3D&google_gid=CAESEPCr0GiBlkHQceDkqBSMFLU&google_cver=1&google_push=ASkJ3FaArkyCsZ0RFkl4WPloE3weVcowusBI0T0-fB6_IhBh-uFHeRjJEm_SmeYqMRV_RPFAVZWpd-VdRBc8ITGkbJKo0ye49iHXaysN
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3B5
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIpkD7J1O...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

108ms
62ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362&%%GOOGLE_PUSH_PAIR%%
date: Wed, 14 Dec 2022 01:36:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B3B5 0
12 B 156ms
59ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd6FYkMA5908sOeoBF-jKp_t3G5NDY_BhKbcslqA7NtAi74sGw3BsmL5kVzxx-ZQh2Y3NI-6FR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:36:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F3D 36 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 49ms
49ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=2f4a597f-51b9-4403-9d73-83202af42d51

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 46ms
46ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=cfc7d84e-2bb3-4f5f-8d1a-554cdf7dae18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 01:36:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BB9 42 B
64 B 86ms
85ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_UQlvc47DlbFxnEC49l6Xmc-CGM9KVqbRusz6h0jADoihKxUkrSkEoM-BtLdx_n7hA7F01NrcdCpvV8dPr6g2qcuaEuGrI8a-ZGeZ3CZNyiIUGnYNX6QPAVkVo35zgfm9sYb4jw&sai=AMfl-YRkC194upBg_4nSGOUbv4AHnryDaUumh1ulS81HsjCCwM_o1nHPX4TAVhJMF7IU-VxOEYc8a9Nl9PAbl20&sig=Cg0ArKJSzKcGIwh19lDiEAE&cid=CAQSGwDq26N9-coZ1XO6sBLP2UmD5Y-SSRY-Qr_v9xgBIBM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1322455905&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670981792043&rpt=1016&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 01:36:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E84D 0
0 87ms
86ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2161166436625988&bg=!RUalRgLNAAYgquz3AKo7ACkAdvg8WuyA9688Z0Lq6QTI8aN1Vqo3he2dWUU2dd6qSKWk-b3BbaD6eAIAAABvUgAAAAxoAQcKAEwA-zn9wQzralbNzl8OuI-lJulpMMxNOmPWNK9_aj3f1nIyl4xMz0JXzwqr9alD6zQiBzLwTn9i8n70OmCaZaYxyksJaEFl8reDdZe1mQKpIJlSZUulijFMOFIp6Py0IWWscgxr7gdO-xHbYo7x1WgJBLwfIF7KrVdJJxbMX2Yc4waclHK-FCdfU7v7YwwBo4zKwlc157JsnzkocN8QLMJDJEvC92NmeuyW6DPhefzJ4rw7dnaW-oPIDnq8lXrT1R34MlN25AI2S5szWcmJiNqkq1frdTcaRxl3QLmXQ7BaDg16XuNYEpbButyP2RS1yqXJcu1zU_ri2KGbe6zV6xVDRTDFGWr39BmcJ8wMcX3jm1eTd9ZwaHVTFGI004R2nKS0Hla6tVCIGFwme7gA44MemJHAtEQk4LzZ8FuBXxOCE81v_y9wJN3j7LaYpad6zv0scj5Amto5QUFCLu2gnKerNssq0dk8HmdZsQtsaPvSEcs5rBgBcroJIGL499mCekEs8qRiXxs98LqFQATyoK8dsUj6m5Espkw3rmvrPpVgRjUVwr49GeichwLvIb7VNeXGlXkJF4uoDgozILVmhmz6clZKdTJXq_sOlzauKHegozkmGcGh7z3Hy3TLYPZ8yc49IYG5P-gtO2f9Gk_cpsfzGYlwaCJ2NtMdToBqlKvU0cObQoeK099KFJMJEZufeyJ9fdyH4bbyYHEfltPXpLMcLtPNLpi6ogB6TPqV_wYDb-epnkvf6kBwEJErtNmjj9mJ7T3Jzpbyic338cS9aUmZ4CxpgUbI85vOSgrhdOMgP4Lvyn8J1W1nJxLvsoWkIXw6jj7zUW2fKRN3X0BkAWx2N-WhJN7REliYDsqFpmZU4Bym_Bx3A9PIMS-mXgFmLNqoy1wDVaX59jiSbGRIPhsbzStvU5FYQIYYmqMujV-2FmUwbpc9n1Fp-HcOiGfo8MtWbANo4ZAX3M813sDHpYwNcjG2VDNGa0rEHTlDqg4fxw4YIJ_9EnlG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://meteo.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.zmctrack.net
URL: https://s.zmctrack.net/z

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 10:19:17	Name: am-uid Value: 16f693eae0fd4bbcad89a3fa39d83c24
meteo.ua/	1970-01-20 16:55:17	Name: _SELECTED_CITY_ Value: eyJpdiI6IkpNbW1CeWdqSTJrUzhKZ2VIWUoydFE9PSIsInZhbHVlIjoiSmd1MW5paGM0a0VWK2N6a2VndWx2R1hGaFBSWCtQSFVRZ2ZRSVZCbXVtSXJ0TWlMdFNsOVZEbnIreFVcL0ZRaFUiLCJtYWMiOiJhYjM1ZjZjYjk3YzEyMDU1MjkwYmVmOTRiOWRjNTEwYzY5ODUyMGRjYjRiNWQ2ZGZlM2NhYjYzMDAxYmFkN2Y4In0%3D
.meteo.ua/	1970-01-20 17:45:41	Name: _ga_2S2P3LM20F Value: GS1.1.1670981791.1.0.1670981791.0.0.0
.meteo.ua/	1970-01-20 17:45:41	Name: _ga Value: GA1.2.367695886.1670981791
.meteo.ua/	1970-01-20 08:11:08	Name: _gid Value: GA1.2.1829720191.1670981791
.meteo.ua/	1970-01-20 08:09:41	Name: _gat_UA-22113067-1 Value: 1
.meteo.ua/	1970-01-20 08:09:41	Name: _gat_UA-22113067-3 Value: 1
meteo.ua/	1970-01-20 08:09:48	Name: meteo_session Value: eyJpdiI6IjlBR3RuRFJSRGl4NFg5TmJVcytpd2c9PSIsInZhbHVlIjoiemVaNnRkUDZpeEp2YVAxVm5iR3EzOEJISUVudHNsUU45YzBZV1wvdFppb1hUQXBqM2pnclwvSFB0ZjRQXC9rcmFkNHorOFFJTUtSY3pKeFdjOGw1Y3daU1ZkdExKbE5DMDRjZk1pM1RVQmthUmNaMWhGa1wvV0xzbVVVS0JWNlJ3Y29sIiwibWFjIjoiODI0YzhjMzcxOGI4ODA2ZjhiNjZmMmY5NWEyOTQ3ZDkzMzA2Yjc4M2Q0MzI4OGE0NDI4NTQwZGE2YzFlOGFhNCJ9
meteo.ua/	1969-12-31 23:59:59	Name: Value: store.test
.meteo.ua/	1970-01-20 17:31:17	Name: __gads Value: ID=253992925687595b-22547d930fda005a:T=1670981792:RT=1670981792:S=ALNI_Mb6CB9qRfqqcBl2sTcu7FvUpN2ttw
.meteo.ua/	1970-01-20 17:31:17	Name: __gpi Value: UID=00000b925e9fc526:T=1670981792:RT=1670981792:S=ALNI_MYQj9CoiiIucyy7UvNYI6yTun8jZA
.admixer.net/	1970-01-20 10:19:17	Name: am-uid Value: 16f693eae0fd4bbcad89a3fa39d83c24
meteo.ua/	1970-01-20 08:19:46	Name: am-uid Value: 16f693eae0fd4bbcad89a3fa39d83c24
.doubleclick.net/	1970-01-20 17:31:17	Name: IDE Value: AHWqTUne24T0Xalh3XG1DRNLdgNtvNNBO23ijLfVHeQ74kHa_o7C7T_mzcKfyvOpTx8
.creativecdn.com/	1970-01-20 16:55:17	Name: u Value: r29JRo0ZKMGAC7rGkk4p
.creativecdn.com/	1970-01-20 16:55:17	Name: ts Value: 1670981792
.pubmatic.com/	1970-01-20 08:11:08	Name: KTPCACOOKIE Value: YES
.adnxs.com/	1970-01-20 10:19:17	Name: uuid2 Value: 9097468269904352575
.pubmatic.com/	1970-01-20 10:19:17	Name: SyncRTB3 Value: 1672185600%3A220
.pubmatic.com/	1970-01-20 16:55:17	Name: KADUSERCOOKIE Value: 6224CAEA-7991-4360-B814-91E9FFD9E843
.bidswitch.net/	1970-01-20 16:55:17	Name: tuuid Value: fd5f5b54-ffa0-4fb8-b5ad-c11e35eb2362
.bidswitch.net/	1970-01-20 16:55:17	Name: c Value: 1670981792
.bidswitch.net/	1970-01-20 16:55:17	Name: tuuid_lu Value: 1670981792
.criteo.com/	1970-01-20 17:31:17	Name: uid Value: e80b473d-678a-481c-ac40-abeb79306a45
.doubleclick.net/	1970-01-20 08:09:45	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 08:11:08	Name: pi Value: 160846:3
.pubmatic.com/	1970-01-20 10:19:17	Name: chkChromeAb67Sec Value: 2
.adform.net/	1970-01-20 08:54:20	Name: C Value: 1
.adform.net/	1970-01-20 09:36:05	Name: uid Value: 697082879330615914
.meteo.ua/	1970-01-20 17:31:17	Name: cto_bundle Value: __vyv19JZUdCVFVvJTJGJTJGeSUyQlRlJTJCaDNtMm9vbEtWaTd3Y2tFRlQxJTJGWE5wdW9lOGRSMiUyQnFrdlE1a1lQYSUyRlZVaUpZSERNcEtzNHprMjdub0czSjAlMkZaSVZQVFZRMmkwJTJGOGZrYlBrcSUyRjlYamhYUmpjRUozWjQ0N2VBNGI5eHBSNSUyQjYlMkJsUVBmbzlGRTZnMHNjcVpCOVIzelMlMkZmNmdyUSUzRCUzRA
.adfarm1.adition.com/	1970-01-20 10:19:17	Name: UserID1 Value: 7176812153163806869
.yahoo.com/	1970-01-20 16:55:39	Name: A3 Value: d=AQABBKEomWMCEMsfoChn1XR-rC_TyEq66u8FEgEBAQF6mmOjYwAAAAAA_eMAAA&S=AQAAAiNE-gE-6WSzmDJi8M5m5t8
.analytics.yahoo.com/	1970-01-20 16:55:17	Name: IDSYNC Value: 18yx~28u1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bidder.criteo.com
c1.adform.net
cdn.admixer.net
cm.g.doubleclick.net
creativecdn.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
match.adsrvr.org
meteo.ua
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
region1.google-analytics.com
rtb.openx.net
s.zmctrack.net
secure.adnxs.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
s.zmctrack.net
144.76.77.2
146.0.227.110
172.217.18.2
178.250.0.157
185.184.8.90
185.64.189.110
193.200.65.6
198.47.127.18
198.47.127.20
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a03:90c0:41:2801::62
3.124.135.253
3.126.56.137
3.33.220.150
35.227.252.103
37.157.6.254
37.252.171.22
37.252.172.123
85.114.159.118
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6a82db245ccdead24c2dffa62fe50553da0e3d5558d76fe2dba6101dbdef16
0e25bb4c8697cb8662a901178d5da08c06806f07d591b5ede1b3454111e5aaf8
0f6384d5e39776fbef8f86437737abf5d2975aa2756932cf03755e2584b470dd
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824ee2886642a25923dd7e59bf25d4b812eea1a034a230e6196deb5512d23ef
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1e7ee9a9ee0a86107de56ffb1854c6a3f4962fb8c2d21064d8fac2e0a75468d2
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28dec5532b81543ccf1c8563c38f236b61f15801818c77861fd06f52260753d7
30bc73b0b1b3f5ceaefff4e2a62fb3cea85145bf14a4742b1c857568c2e41db8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
40f95afbf5a591a697d4ca6dd69cfd013c7c1a6e062859852e80d1363754754c
435025a4300a35e95c2c15c0d09aadd1604a085975579e4bc1156816fa1e93f4
4371793711f7434b6e02e85e641cca4c4775c0444465b2d33b2d0976c0fb04fe
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
484611811944e5cfdfac774736bfc5507a281739034b1c4d3b2c874d0544954e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd71d1ea09684267ef165ab410515c1775f6d35931da213a57a1466d9042f5a
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a218c8d613094db9c58250857a837e09d0e087da62e865e3ad013385ba72d
504a1deddfa87e4710633623b20a0de36b1249a315452500ab0d456e485beceb
517da58e76ba7a9cc84352604ebbb7d71268469a77244e265540dd773aff607c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599d25c3e9ce4a95bb76cf527284ac770ba6f2edbf469891ea68f9887c85151e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
67e0c8ef79fbaa5b3a80db4711fcc3972d588bae4a4d28a6bb2d1a58d9d1c6a5
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7550e3b976576da237321a6960dc7b947737856fe59de84226502c53b23ca87c
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
777bd8c038b2ec69c39b6c86235b4f63caa17cd961c78a00b5f05ee7f87d16aa
779159d0ad926c814c7cd4753062396062f33c5e4ffa198043e9fe83def368f0
783faf491d105d77aa261aad743939693dfbbc159027e60cb12cd2d7ca8e07f3
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7aa599e0aa2f0c44f9eaadfa8713a61e41d05f55a78364ba79b3cfd879418399
7ae25c194f2ec4ba18a9503c226c73f1c2e7d4604b12451a407a0abf8d610a2d
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
7f0686db318a27df1b8708658b84f2b45edb5d9ac844258f251f343a0013990f
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
97f535dc95a690af2f1feb4c96d997ae6849bb18e55ae5485123a483030a7d7c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1c18cdb88e3752ef1e8243b98181bac203578d0bb6e8a312530170863b7424c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae80a2aaf0bbf0ca6b68a4517d60e24368eab10cdc9bb5438b18a913cc23e788
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7b582a86d034b2f514ab80f139966e01cf34739894c318492b9666d9d18a91d
b8d069ae35e0c0e7eb7732bee36c0078f016d5cde689df80dade9f473125ef6b
ba39a88a1887e575637dc2cec1a6e3bbf0410dd16021c8209495ac614420a836
bd33ac673bf14d1f3c2be23af5fc2373e8e3f8adab2a3d1bcd2cc2aa74d1a99b
bff6765fee7cf8f979aacbe81adf420fe199738945d02ff9cde22ae855382b96
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cc239e80927a3e7606248573183acf62154e988bf36cf0692959d16f62fba615
cda23cc379e9e41b1bced8b220920a6e5a5957867f177c4335bd3e090fb9458f
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2d05f1b0a7539323d19f62af266a04dc9f5414b0f44e71eb9f85b4eae396338
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96fc918b680a7ab13ad2a6e0d28230bbcd4cb9307590f66acda17c47d9b051a
eb1c58545575db7e011914a8a08e5172b996d5c2c0856005bb52550ab0e4ec1f
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed85eb75abde0b81a93dc50e83b315298e77208bb7c361dcf89112ad5217a8d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbf865099a286260eea01d5ba8626dce3a43c4735f9acf93dba81348e64a4ef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

meteo.ua Open in urlscan Pro 144.76.77.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

90 %HTTPS

53 %IPv6

25 Domains

39 Subdomains

29 IPs

8 Countries

3094 kBTransfer

6486 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

meteo.ua Open in urlscan Pro
144.76.77.2 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

90 %
HTTPS

53 %
IPv6

25
Domains

39
Subdomains

29
IPs

8
Countries

3094 kB
Transfer

6486 kB
Size

33
Cookies

146 HTTP transactions
5 data transactions