www.uaua.info Open in urlscan Pro
62.244.10.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uaua.info/
Effective URL:
https://www.uaua.info/
Submission Tags: tranco_l324
Submission: On November 26 via api (November 26th 2021, 7:43:05 am UTC) from DE — Scanned from DE

Summary HTTP 202 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 27 domains to perform 202 HTTP transactions. The main IP is 62.244.10.86, located in Kyiv, Ukraine and belongs to LUCKYNET Lucky Net Ltd, UA. The main domain is www.uaua.info.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time www.uaua.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 46	62.244.10.86 62.244.10.86	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
17	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
7	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2 7	195.209.108.38 195.209.108.38	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	31.28.167.67 31.28.167.67	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 4	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	217.16.18.206 217.16.18.206	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2 7	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	146.59.18.237 146.59.18.237	16276 (OVH) (OVH)
3	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	37.18.16.17 37.18.16.17	205675 (HYBRID-AS) (HYBRID-AS)
1	88.212.240.204 88.212.240.204	7979 (SERVERS-COM) (SERVERS-COM)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.212.254.206 52.212.254.206	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:5400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
202	40

46 62.244.10.86 (Kyiv, Ukraine) 2 redirects

ASN3254 (LUCKYNET Lucky Net Ltd, UA)
PTR: uaua.info

uaua.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.uaua.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.uaua.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 195.209.108.38 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.28.167.67 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

ua-content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.210 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.16.18.206 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
masterh5.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.59.18.237 (France)

ASN16276 (OVH, FR)
PTR: vps-a61777d5.vps.ovh.net

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

st.hbrd.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.18.16.17 (Netherlands)

ASN205675 (HYBRID-AS, RU)

ssp.hbrd.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.240.204 (Russian Federation)

ASN7979 (SERVERS-COM, US)

servers1.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.254.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-254-206.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:5400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	uaua.info 2 redirects uaua.info www.uaua.info img1.uaua.info	1 MB
30	googlesyndication.com pagead2.googlesyndication.com a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com tpc.googlesyndication.com	229 KB
23	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	237 KB
16	2mdn.net s0.2mdn.net	470 KB
14	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	98 KB
12	adriver.ru 2 redirects ad.adriver.ru ua-content.adriver.ru content.adriver.ru masterh5.adriver.ru servers1.adriver.ru	43 KB
8	google.com 2 redirects www.google.com adservice.google.com	2 KB
7	google.de www.google.de adservice.google.de	2 KB
7	gravitec.net cdn.gravitec.net	57 KB
6	hbrd.io st.hbrd.io ssp.hbrd.io	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	adpartner.pro a4p.adpartner.pro	9 KB
5	google-analytics.com www.google-analytics.com	40 KB
5	facebook.net connect.facebook.net	284 KB
5	googletagservices.com www.googletagservices.com	121 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	facebook.com www.facebook.com	529 B
4	bigmir.net c.bigmir.net i.bigmir.net	1 KB
4	yadro.ru 2 redirects counter.yadro.ru	2 KB
2	gravitec.media cdn.gravitec.media api.gravitec.media	2 KB
2	googletagmanager.com www.googletagmanager.com	106 KB
2	instagram.com 1 redirects www.instagram.com	5 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	hybrid.ai fp.hybrid.ai dm.hybrid.ai Failed	13 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	webpushs.com web.webpushs.com	34 KB
1	sendpulse.com cdn.sendpulse.com	9 KB
202	27

	Domain	Requested by
27	img1.uaua.info	www.uaua.info
17	pagead2.googlesyndication.com	www.uaua.info securepubads.g.doubleclick.net tpc.googlesyndication.com a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net www.googletagservices.com
17	www.uaua.info	www.uaua.info
16	s0.2mdn.net	www.uaua.info s0.2mdn.net
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
9	dt.adsafeprotected.com	a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
7	www.google.com	2 redirects www.uaua.info tpc.googlesyndication.com
7	ad.adriver.ru	2 redirects www.uaua.info
7	cdn.gravitec.net	www.uaua.info cdn.gravitec.net
6	www.google.de	www.uaua.info
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.uaua.info
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googleadservices.com a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com www.uaua.info
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	a4p.adpartner.pro	www.uaua.info a4p.adpartner.pro
5	www.google-analytics.com	www.googletagmanager.com www.uaua.info a4p.adpartner.pro
5	connect.facebook.net	www.uaua.info connect.facebook.net
5	www.googletagservices.com	www.uaua.info securepubads.g.doubleclick.net a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com www.googletagservices.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	ssp.hbrd.io	st.hbrd.io
4	www.facebook.com	www.uaua.info
4	counter.yadro.ru	2 redirects www.uaua.info
4	stats.g.doubleclick.net	1 redirects www.uaua.info www.google-analytics.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
3	i.bigmir.net	www.uaua.info
2	googleads4.g.doubleclick.net	www.uaua.info
2	pixel.adsafeprotected.com	1 redirects a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
2	st.hbrd.io	www.uaua.info st.hbrd.io
2	a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	content.adriver.ru	www.uaua.info
2	www.googletagmanager.com	www.uaua.info www.googletagmanager.com
2	www.instagram.com	1 redirects www.uaua.info
2	fonts.googleapis.com	www.uaua.info
2	uaua.info	2 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	servers1.adriver.ru	www.uaua.info
1	fp.hybrid.ai	st.hbrd.io
1	masterh5.adriver.ru	www.uaua.info
1	api.gravitec.media	cdn.gravitec.media
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.gravitec.media	cdn.gravitec.net
1	c.bigmir.net	www.uaua.info
1	ua-content.adriver.ru	www.uaua.info
1	web.webpushs.com	www.uaua.info
1	cdn.sendpulse.com	www.uaua.info
0	dm.hybrid.ai Failed	fp.hybrid.ai
202	48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
www.likar.info
hochu.ua
www.hon.ch
www.healthonnet.org
www.bigmir.net

Subject Issuer	Validity	Valid
www.uaua.info R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
1603358863.rsc.cdn77.org R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-30` - `2022-01-16`	a year	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2021-03-04` - `2022-04-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
img1.uaua.info R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-04` - `2021-12-03`	3 months	crt.sh
c.bigmir.net R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
cdn.gravitec.media R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
adpartner.pro R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.hbrd.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-03` - `2022-07-04`	a year	crt.sh
img.com.ua R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
api.gravitec.media R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.uaua.info/
Frame ID: A71FA07F8B417CFE2B5C62D5C5381461
Requests: 123 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: ABCC72C4E3F7CC87E75BE8590DA9DA5A
Requests: 1 HTTP requests in this frame

Frame: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 971755334D73890085FE0EE3A98590ED
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=4585&bannerNum=16448688374313036&apuid=21b61974-0fe8-40f1-8a97-b514c63ba2e5&session_pageview=1&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&site_visited=1&location=https%3A%2F%2Fwww.uaua.info%2F
Frame ID: D50A04889FC8CCBF2567A4D041477831
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252221b61974-0fe8-40f1-8a97-b514c63ba2e5%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A4585%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.uaua.info%252F%2522%257D
Frame ID: 210EABEABE8CD44E62E1D46AD7A0797F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EC2B9F9A1D3775C045F55ABA04DFC5BC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E837C745421633B76215199B9D33E1DE
Requests: 2 HTTP requests in this frame

Frame: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 527FBEB6D76B515573F6588060BB8A93
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPL2vJCZpFSa_GZePUTLP9DawxIbdXxOS-I47-ANPhPT5bvUtZ5b7I_V-exM3h-9_5hXcY3yCj0pynYDvrf51l1o1qGzioFA7-4hhxIFS6ZYGp-4dRoPnkszQljM3XadbRkbn7R0XPG4eRQ8ZCKtSLh5Fx8ZhTYa-x6eZfcxW4IUhDqjTyixMJy1b6pjwTzO8ojyS9ClzXcKDG488zjNtDrRRgmaFqpUi-YkfXZbKxmnlRS-_Yl_gT8os5BKaD2oem8zqobHwBGCNF7vkT-cx24KD8Ppg-pTmdE33Ek26UmvmaBKZdF5bE0yFspbckH2P-scfnwvM&sai=AMfl-YR14yLJwdX2SqQl8HvjegHr6JQL5slujmvtMhq0LazhSKWB5hsza0aLO7PPDv84o6GBlush-A_ZLU9FwGiDwROrxTr0AQRLcMIj_0cBSZL0cJppUiwuMpEZmTz7qzVg&sig=Cg0ArKJSzJxGT3h6T2H-EAE&uach_m=[UACH]&adurl=
Frame ID: FAD470827FCA837C3884A371C92BC727
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNWsg6cAml1-ey3VhKuvEdkglCx29lKUs7Cj7IR2kNnLFYlvCADrsLiTAjKVZWG8m-V4w5reebd1CJXZ31adK9VcmAioaM6pnjVG6aTfY4Nnu3sOc3BJEBwqdbdDkRk7SFebXEZHoiMpubRrv4nhxKehn8mwL3mSvdcHB6RKhpI6M8R1Ffs
Frame ID: D5E68828483BFE61EE812C9EE4AFB15B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59F43C2ED85301282C306522A48D038D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9954D74154DEEB10B61EE7FA8AA0A61A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Frame ID: E843CE30BDC82D8A642C6A707C620759
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1146FCA59BEADD024231A75AAAEE48D0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B161C186DB47BACD479AEA550FC6BE47
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6552AE5F0E0788517EB89F5B94373985
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: CDADE6E3C727FE7A85BDA276D16BC25A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт для родителей о детях. Сайт для мам, пап и всей семьи. - UaUa.INFO

Page URL History Show full URLs

http://uaua.info/ HTTP 301
https://uaua.info/ HTTP 301
https://www.uaua.info/ Page URL

Page Statistics

202
Requests

94 %
HTTPS

46 %
IPv6

27
Domains

48
Subdomains

40
IPs

8
Countries

3187 kB
Transfer

6372 kB
Size

35
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/uaua.info

Search URL Search Domain Scan URL

URL: https://twitter.com/UAUAinfo

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/106381311593493725670/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uaua.info/
Title: Блоги мам

Search URL Search Domain Scan URL

URL: https://www.likar.info/
Title: Likar.info

Search URL Search Domain Scan URL

URL: https://www.likar.info/bolezni/
Title: Болезни

Search URL Search Domain Scan URL

URL: https://www.likar.info/lekarstva/
Title: Лекарства

Search URL Search Domain Scan URL

URL: https://www.likar.info/clinics/
Title: Больницы

Search URL Search Domain Scan URL

URL: https://hochu.ua/
Title: Женский журнал

Search URL Search Domain Scan URL

URL: https://hochu.ua/cat-stars/novosti-shou-biznesa/
Title: Новости шоу-бизнеса

Search URL Search Domain Scan URL

URL: https://hochu.ua/cat-goroskopy/goroskop-na-segodnya/
Title: Гороскоп на сегодня

Search URL Search Domain Scan URL

URL: https://hochu.ua/cat-tv-show/
Title: ТВ шоу 2021

Search URL Search Domain Scan URL

URL: https://www.hon.ch/HONcode/Conduct.html?HONConduct968927

Search URL Search Domain Scan URL

URL: https://www.healthonnet.org/HONcode/Russian/
Title: HON кодекса

Search URL Search Domain Scan URL

URL: https://plus.google.com/+uauainfo

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uaua.info/ HTTP 301
https://uaua.info/ HTTP 301
https://www.uaua.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371&tuid=-5654802330

Request Chain 38

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 46

https://counter.yadro.ru/hit?t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114 HTTP 302
https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114

Request Chain 62

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=575361915&utmhn=www.uaua.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2%D1%81%D0%B5%D0%B9%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B8.%20-%20UaUa.INFO&utmhid=646658654&utmr=-&utmp=%2F&utmht=1637912580289&utmac=UA-21312970-1&utmcc=__utma%3D38145660.153117899.1637912580.1637912580.1637912580.1%3B%2B__utmz%3D38145660.1637912580.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=964147519&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915&slf_rd=1&random=4058011576

Request Chain 69

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica HTTP 302
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica&tuid=-6016616584

Request Chain 77

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999068537/?random=1637912580375&cv=9&fst=1637912580375&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&is_vtc=1&random=3079169425&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&is_vtc=1&random=3079169425&resp=GooglemKTybQhCsO&ipr=y

Request Chain 88

https://counter.yadro.ru/hit?t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901 HTTP 302
https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1&C=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaCQBWx2DtwfMGB40KvOfgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECn1GGbvLuWXN5K_r5OzvP0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECn1GGbvLuWXN5K_r5OzvP0%26google_cver%3D1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MTQ2MTc4MDA1NzE4ODYwNA%3D%3D

Request Chain 179

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=https%3A%2F%2Fwww.uaua.info%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3068bf6f-43e6-909d-3ab2-1a7baaefc9e8,c:v3Bust,sl:na,em:true,fr:false,thd:1,mn:app14ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:121,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:135,oid:7b962d2b-4e8c-11ec-9ec2-02c390e9b11a,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

202 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.uaua.info/
Redirect Chain

http://uaua.info/
https://uaua.info/
https://www.uaua.info/

78 KB
18 KB

243ms
117ms

Document
text/html

62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 / PHP/7.0.17
Resource Hash: b199607d6ae86cfd29170bc82cb358c9a423d4510ff374f5c7733222c2e78fbf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.16.1
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.0.17
cache-control: no-cache
date: Fri, 26 Nov 2021 07:42:59 GMT
content-encoding: gzip

Redirect headers

server: nginx/1.16.1
date: Fri, 26 Nov 2021 07:42:59 GMT
content-type: text/html
content-length: 169
location: https://www.uaua.info/

GET
H2 200 adriver.core.2.js Show response
www.uaua.info/js/vendor/ 4 KB
2 KB 40ms
39ms Script
application/javascript 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uaua.info/js/vendor/adriver.core.2.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: f93a94e84a7b503c1817d985f10db35fc1bb7052084f1880d1cd091f174b6e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 15:51:22 GMT
server: nginx/1.16.1
etag: W/"614367fa-f99"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 57ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0de864df0780a2ba0d39903bcbb81c9496cd219eb1b004a9a401e5927a2357cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51217
x-xss-protection: 0
server: cafe
etag: 2706096213362422513
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1055 / 153 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 33dc50987a57c704a0fbb61c31d3c6ba_0.js Show response
cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/ 25 KB
9 KB 73ms
15ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/33dc50987a57c704a0fbb61c31d3c6ba_0.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

0132266e721e15b771173934d3af6ad2d614bb0d34fbb1f3d413a9239a6a7433

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: ei14XkCKwPM=
x-77-cache: HIT
x-cache: HIT
x-age: 253902
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ryyjlJL/zt8DAA==
x-accel-expires: @1638263478
x-sp-ma: ma5
last-modified: Thu, 22 Aug 2019 03:58:13 GMT
server: CDN77-Turbo
etag: W/"6285-590acb2ddba4c"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
cache-control: max-age=31536000, max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Sat, 09 Apr 2022 14:18:40 GMT

GET
H2 200 b9a5962a9d9f23cb6231f42ab6b5314e_1.js Show response
web.webpushs.com/js/push/ 115 KB
34 KB 76ms
16ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/b9a5962a9d9f23cb6231f42ab6b5314e_1.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

4dc8433b4f058f2277a693e60a0967161ff4c0621d1e04fb4835e0b00176a261

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: tTnv7fS+3Vg=
x-77-cache: HIT
x-cache: HIT
x-age: 528124
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ryyqeL///A4IAA==
x-accel-expires: @1637989256
x-sp-ma: ma5
last-modified: Thu, 25 Feb 2021 11:35:45 GMT
server: CDN77-Turbo
etag: W/"1cd7c-5bc278d63377a"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
x-sp-pr: lpr9
cache-control: max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Sat, 23 Oct 2021 03:32:10 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/ 64 KB
18 KB 48ms
12ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/client.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ff3fe0ba9be1af219bc9703b3aae5fc658953688fd53b0f9d3e86e2cfd8968aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 09:56:06 GMT
server: nginx
etag: W/"60893136-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:15:15 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 58e795bc6bd7e9bf2b948567d4d9caba.css
www.uaua.info/css/ 263 KB
54 KB 44ms
44ms Stylesheet
text/css 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 49bd7eec18d0abae0a20206225d056ee791e78821248b419119e723d6d4d1600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 15:51:04 GMT
server: nginx/1.16.1
etag: W/"614367e8-41d22"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa:300,400,700|Poiret+One|Open+Sans:300,400,600,700|Roboto+Mono:400,400i,700,700i&subset=cyrillic,cyrillic-ext

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e6786c6bf10f537af10f604c2e8a187510857567d6c9019664d22bc793175f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 07:43:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 07:43:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 logo2.svg
www.uaua.info/img/logo/default/ 10 KB
4 KB 73ms
69ms Image
image/svg+xml 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/logo/default/logo2.svg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: e25242d751c4746815df9e0505856aca0e8da456a1cfebfbf541244595dc3150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 12:44:34 GMT
server: nginx/1.16.1
etag: W/"5e57b9b2-274c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 a556c135-e0f7-49d3-b426-0c2121898080_610x375_fit.jpg
img1.uaua.info/uploads/a5/56/c1/ 42 KB
42 KB 246ms
117ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/a5/56/c1/a556c135-e0f7-49d3-b426-0c2121898080_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 247b0b862f4f3b4a07e4053c1e2c48b422f12e9d89c3c3aa482555cc7d4ea173

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 17 Nov 2021 09:21:39 GMT
server: nginx/1.16.1
etag: "6194c9a3-a673"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42611
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 ad39c6ed-c67f-4504-aef9-3da8422d3432_610x375_fit.jpg
img1.uaua.info/uploads/ad/39/c6/ 72 KB
72 KB 246ms
117ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/ad/39/c6/ad39c6ed-c67f-4504-aef9-3da8422d3432_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: b64f9137e2776309b3df167adbc4a945178b6e8da8f44e302f568aed58ac2ea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 10 Nov 2021 08:59:51 GMT
server: nginx/1.16.1
etag: "618b8a07-1203f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 73791
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 3fd60c65-c711-4530-9e8c-78b99dc0eabc_610x375_fit.jpg
img1.uaua.info/uploads/3f/d6/0c/ 55 KB
56 KB 246ms
117ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/3f/d6/0c/3fd60c65-c711-4530-9e8c-78b99dc0eabc_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 3f181371a6525a1011821cab77b0e2bff0b30c04376e05b52972930a1c407033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 04 Oct 2021 09:25:34 GMT
server: nginx/1.16.1
etag: "615ac88e-ddba"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 56762
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 dd8d8611-81ed-402f-99ee-8a7cc9599ca6_610x375_fit.jpg
img1.uaua.info/uploads/dd/8d/86/ 69 KB
69 KB 246ms
117ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/dd/8d/86/dd8d8611-81ed-402f-99ee-8a7cc9599ca6_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 8a60f9afc97c2bb4df0dec75460cd0ca83b355e178fbd01004a591d276256429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 01 Oct 2021 09:04:02 GMT
server: nginx/1.16.1
etag: "6156cf02-11423"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 70691
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 9cc345b5-2406-4a0a-a2ae-f28213fbf711_610x375_fit.jpg
img1.uaua.info/uploads/9c/c3/45/ 103 KB
104 KB 246ms
118ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/9c/c3/45/9cc345b5-2406-4a0a-a2ae-f28213fbf711_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 525fb39c8f6a5e767c350be0efc428fd1f970ff60b5e7989f52a9a030d406553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 16 Sep 2021 12:29:51 GMT
server: nginx/1.16.1
etag: "614338bf-19d40"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 105792
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 0e061957-5d90-455e-909e-a829b49ab8d1_610x375_fit.jpg
img1.uaua.info/uploads/0e/06/19/ 61 KB
61 KB 219ms
91ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/0e/06/19/0e061957-5d90-455e-909e-a829b49ab8d1_610x375_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: cee617c71a6daf3b07b36564b2fe176f393a3d32ef0b8393ce28dc48e4a4a392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 10 Sep 2021 14:31:41 GMT
server: nginx/1.16.1
etag: "613b6c4d-f3c0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62400
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 a556c135-e0f7-49d3-b426-0c2121898080_294x182_fit.jpg
img1.uaua.info/uploads/a5/56/c1/ 15 KB
15 KB 152ms
88ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/a5/56/c1/a556c135-e0f7-49d3-b426-0c2121898080_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 011e9acd4664b36779a9e5c51b8313a80c4cafba317952ab01bc6ca7ea3b46d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 18 Nov 2021 11:11:38 GMT
server: nginx/1.16.1
etag: "619634ea-3ab6"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15030
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 ad39c6ed-c67f-4504-aef9-3da8422d3432_294x182_fit.jpg
img1.uaua.info/uploads/ad/39/c6/ 25 KB
25 KB 127ms
63ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/ad/39/c6/ad39c6ed-c67f-4504-aef9-3da8422d3432_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 8aa3f87956c6328a45787ea525797b32966fb3ee6f326632cc88e16247d97f19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 10 Nov 2021 09:36:57 GMT
server: nginx/1.16.1
etag: "618b92b9-651d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25885
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 c08eb86b-45d1-4728-9754-185294e43d54_294x182_fit.png
img1.uaua.info/uploads/c0/8e/b8/ 137 KB
137 KB 180ms
117ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/c0/8e/b8/c08eb86b-45d1-4728-9754-185294e43d54_294x182_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 68aea4934f75c4e582e03920356a914e47b12457dc6ee22fd0267673cff49773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 24 May 2019 11:51:49 GMT
server: nginx/1.16.1
etag: "5ce7dad5-22395"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 140181
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 413ed0a9-c818-451b-b043-3aea5757d1cf_200x124_fit.png
img1.uaua.info/uploads/41/3e/d0/ 45 KB
45 KB 180ms
117ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/41/3e/d0/413ed0a9-c818-451b-b043-3aea5757d1cf_200x124_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: f311a8d54d44aa879f1094c5dd3c0b1f93168bac9d12229db4c22327992aa4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 22 Oct 2018 15:00:36 GMT
server: nginx/1.16.1
etag: "5bcde614-b260"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 45664
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 4f50560f-e29d-40f6-9f7c-1e060359ae09_200x124_fit.png
img1.uaua.info/uploads/4f/50/56/ 30 KB
30 KB 109ms
107ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/4f/50/56/4f50560f-e29d-40f6-9f7c-1e060359ae09_200x124_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 1983522fff0a407fc3b2763241976ebd3c1833be613b7b976412a2f84ba0adb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 30 Oct 2018 07:51:16 GMT
server: nginx/1.16.1
etag: "5bd80d74-7926"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31014
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 286e1daa-e4af-4975-a316-9290916e6c88_433x270_fit.jpg
img1.uaua.info/uploads/28/6e/1d/ 50 KB
50 KB 109ms
107ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/28/6e/1d/286e1daa-e4af-4975-a316-9290916e6c88_433x270_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 588859b7231b966294409e7edb1dd318142c5f1e3d8d2c258f717d988cc01c1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 10 Nov 2021 09:50:43 GMT
server: nginx/1.16.1
etag: "618b95f3-c613"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 50707
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 631fca39-4e8d-4f3e-948f-4d42c8089815_200x124_fit.png
img1.uaua.info/uploads/63/1f/ca/ 59 KB
59 KB 181ms
117ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/63/1f/ca/631fca39-4e8d-4f3e-948f-4d42c8089815_200x124_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 021f273dabe9f57dba75e3ed22cc97e1d93ff26b27f221507c08f2c50bcd152f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 10 Oct 2017 09:06:35 GMT
server: nginx/1.16.1
etag: "59dc8d9b-eccb"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60619
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 48acb48f-3d70-40a2-a400-14197781ffef_200x124_fit.jpg
img1.uaua.info/uploads/48/ac/b4/ 15 KB
16 KB 109ms
107ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/48/ac/b4/48acb48f-3d70-40a2-a400-14197781ffef_200x124_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 75d0b3500bec5c90fc77886c5e3647c13de7b695b77b7001e3f767b85039d7b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 11 Oct 2021 10:03:40 GMT
server: nginx/1.16.1
etag: "61640bfc-3d61"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15713
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 5817a895-e8a9-458a-8840-3a617d1a0b3b_294x182_fit.png
img1.uaua.info/uploads/58/17/a8/ 84 KB
84 KB 109ms
107ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/58/17/a8/5817a895-e8a9-458a-8840-3a617d1a0b3b_294x182_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 724054d6ba09e989bd115d3b8af9b3eb74fd3a49dfb520c5aa715fc81973f8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 29 Jun 2017 11:37:49 GMT
server: nginx/1.16.1
etag: "5954e68d-14f31"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 85809
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 a1066270-7923-4850-bd78-265ff127b679_294x182_fit.jpg
img1.uaua.info/uploads/a1/06/62/ 29 KB
29 KB 109ms
107ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/a1/06/62/a1066270-7923-4850-bd78-265ff127b679_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: c8e1e79f24cfa83daa7ba7c1a6e7172b0a7eeb5c24dbb6ebcdfebf04be30c446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 07 Jun 2017 11:28:51 GMT
server: nginx/1.16.1
etag: "5937e373-723b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29243
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 7b38f16b-55ac-4f70-a164-911f73cc5743_294x182_fit.png
img1.uaua.info/uploads/7b/38/f1/ 75 KB
75 KB 109ms
107ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/7b/38/f1/7b38f16b-55ac-4f70-a164-911f73cc5743_294x182_fit.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 9d195888bd560fef1acea270d3308c52ce951ca24e084d19e7accafc94584e68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 07 Sep 2017 10:44:06 GMT
server: nginx/1.16.1
etag: "59b122f6-12b7b"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76667
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 3ce9f7ce-46d0-4247-98eb-be928a250085_294x182_fit.jpg
img1.uaua.info/uploads/3c/e9/f7/ 32 KB
32 KB 109ms
108ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/3c/e9/f7/3ce9f7ce-46d0-4247-98eb-be928a250085_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 11eef7ee65ec70e3faa438abaa3a446cea0c1478cbeb45914c05d7464a5ef342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 06 Oct 2021 14:17:56 GMT
server: nginx/1.16.1
etag: "615db014-7ee6"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32486
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 3fd60c65-c711-4530-9e8c-78b99dc0eabc_294x182_fit.jpg
img1.uaua.info/uploads/3f/d6/0c/ 20 KB
20 KB 109ms
108ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/3f/d6/0c/3fd60c65-c711-4530-9e8c-78b99dc0eabc_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 6ced124b732ba6de9630611bf77c30571d59db868c063ab9b17a73535a9a2027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 04 Oct 2021 10:04:05 GMT
server: nginx/1.16.1
etag: "615ad195-4e17"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19991
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 dd8d8611-81ed-402f-99ee-8a7cc9599ca6_294x182_fit.jpg
img1.uaua.info/uploads/dd/8d/86/ 23 KB
23 KB 109ms
108ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/dd/8d/86/dd8d8611-81ed-402f-99ee-8a7cc9599ca6_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: a5541969d06300c5d5931fe089e6fff6197ec0ea984637af1b98f8b3f30788d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 01 Oct 2021 10:47:30 GMT
server: nginx/1.16.1
etag: "6156e742-5aee"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23278
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 c593a5b4-0b1f-4ef0-827c-e19a139b0b47_200x124_fit.jpg
img1.uaua.info/uploads/c5/93/a5/ 10 KB
10 KB 110ms
108ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/c5/93/a5/c593a5b4-0b1f-4ef0-827c-e19a139b0b47_200x124_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 485e89a70c2eb2f522dcb088bccac70655c09a0bf532ce366a78c1994388a150

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 28 Sep 2021 11:16:58 GMT
server: nginx/1.16.1
etag: "6152f9aa-2923"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10531
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 e52996bd-823d-4f43-996d-c3262384f1e9_200x124_fit.jpg
img1.uaua.info/uploads/e5/29/96/ 11 KB
11 KB 110ms
109ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/e5/29/96/e52996bd-823d-4f43-996d-c3262384f1e9_200x124_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 409a40cfc4fa8cd0853f815a19f00bcbc7ee1d425c3cc95e45e471986b6da727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 28 Sep 2021 08:57:26 GMT
server: nginx/1.16.1
etag: "6152d8f6-2a11"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10769
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 0007f8b9-0b7e-43ae-b056-e35735054d0a_433x270_fit.jpg
img1.uaua.info/uploads/00/07/f8/ 24 KB
24 KB 110ms
109ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/00/07/f8/0007f8b9-0b7e-43ae-b056-e35735054d0a_433x270_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: ac174589a5d24d6d23bad4cd2fe6defd196f3542883297e5b10e03a58963c33f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 06 Oct 2021 14:17:57 GMT
server: nginx/1.16.1
etag: "615db015-600e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24590
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 3ff2c738-53ed-445f-95bb-4d49c893789f_200x124_fit.jpg
img1.uaua.info/uploads/3f/f2/c7/ 13 KB
13 KB 110ms
109ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/3f/f2/c7/3ff2c738-53ed-445f-95bb-4d49c893789f_200x124_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 06fdd873de7ce654410b703e2186a6010d1c1d85a76aaaeb9982e4ce9634afec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 27 Sep 2021 10:35:04 GMT
server: nginx/1.16.1
etag: "61519e58-33dc"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13276
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 bce7860e-5d15-444f-8419-c77e7eb887f7_200x124_fit.jpg
img1.uaua.info/uploads/bc/e7/86/ 6 KB
6 KB 110ms
109ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/bc/e7/86/bce7860e-5d15-444f-8419-c77e7eb887f7_200x124_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 313eff82599625975f2f33218a16c5850c6a24940f4969144dff030c636f4786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 24 Sep 2021 14:59:52 GMT
server: nginx/1.16.1
etag: "614de7e8-165e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5726
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 8a278f55-a70c-4cee-8e96-35d30d4996ae_294x182_fit.jpg
img1.uaua.info/uploads/8a/27/8f/ 25 KB
25 KB 111ms
109ms Image
image/jpeg 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/uploads/8a/27/8f/8a278f55-a70c-4cee-8e96-35d30d4996ae_294x182_fit.jpg
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 8aa3f87956c6328a45787ea525797b32966fb3ee6f326632cc88e16247d97f19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 10 Nov 2021 09:36:57 GMT
server: nginx/1.16.1
etag: "618b92b9-651d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25885
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H/1.1

204
No Content

rle.cgi
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371&tuid=-5654802330

0
210 B

119ms
68ms

Image
text/plain

195.209.108.38
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371&tuid=-5654802330
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: HTTP/1.1
Server: 195.209.108.38 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache;
Date: Fri, 26 Nov 2021 07:43:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Location: /cgi-bin/rle.cgi?sid=1&ad=467321&bt=21&pid=1636540&bid=3354424&bn=3354424&rnd=587907371&tuid=-5654802330
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,700,300,800&subset=latin,cyrillic-ext

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 07:43:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 07:43:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 logo_forgot.png
img1.uaua.info/img/newpopup/ 10 KB
10 KB 111ms
109ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.uaua.info/img/newpopup/logo_forgot.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 51ad3908bb0b147da868771c7051215702e3dd5389e26ddb53e72b41caee05bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:14 GMT
server: nginx/1.16.1
etag: "5c98e506-274d"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10061
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

16ms
7ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H3
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 05:10:43 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Fri, 26 Nov 2021 07:43:00 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: rva
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 0

GET
H2 200 58e795bc6bd7e9bf2b948567d4d9caba.js Show response
www.uaua.info/js/ 253 KB
84 KB 43ms
43ms Script
application/javascript 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 7389b6c81ac373383a907311db0050a72016075bfd56662a62adb423a14fc9e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 15:51:08 GMT
server: nginx/1.16.1
etag: W/"614367ec-3f5c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoUpdate.adriver.js Show response
ua-content.adriver.ru/plugins/ 5 KB
5 KB 112ms
34ms Script
application/x-javascript 31.28.167.67
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ua-content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/vendor/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.28.167.67 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: nginx /
Resource Hash: e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 07 Oct 2021 10:58:24 GMT
server: nginx
etag: "615ed2d0-1337"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4919
expires: Fri, 26 Nov 2021 08:43:00 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 64ms
22ms Script
text/javascript 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7081
date: Fri, 26 Nov 2021 05:44:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 26 Nov 2021 07:44:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame ABCC 11 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 06:55:30 GMT
expires: Fri, 10 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 2850
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 54ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZRZZ6

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8413922a0b540fa9d35fc4394faaf22fd99483cc74c223c90acd3cdb74abddb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46340
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 diz_trash.png
www.uaua.info/img/renew/ 1 KB
1 KB 67ms
67ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/diz_trash.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 294ef05f7abc4b80480d6a3ff65b7bc3bb42cc69d8c20cb31008b5ea11ea35a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-40d"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1037
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 tvNewArr.png
www.uaua.info/img/renew/ 4 KB
4 KB 66ms
66ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/tvNewArr.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 3877ef4b1ede5982a9557558b81d21b5367c012f806fdffd1ce1955dc4546384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-f8a"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3978
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114
https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114

132 B
618 B

60ms
60ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

16bb9ba914b0349a790887b310cb59deb6f2877eaa6d03d776bac0eac4c9c6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.802033495547114
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 25 Nov 2020 21:00:00 GMT

GET
H2 200 scs_next.png
www.uaua.info/img/renew/ 2 KB
2 KB 39ms
39ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/scs_next.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 8719e02a894e1813d02ca2ba384f11e93f73f06f85cf3fc0db55d8045ed204f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-684"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1668
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 SerPat.png
www.uaua.info/img/renew/ 2 KB
2 KB 40ms
39ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/SerPat.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: f37353120ee584f02a5391be77cfb16536dca891c6143b46bb1c2a962f57e3ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-7cf"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1999
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 uaua_sprite.png
www.uaua.info/img/ 80 KB
80 KB 40ms
40ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/uaua_sprite.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 6b923e2ad6a7e412a6d5ff238543bb28540a6ab53cbea2f7ea6ee5a43da8b952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-13ed2"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 81618
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 pinkArr.png
www.uaua.info/img/renew/ 2 KB
3 KB 47ms
46ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/pinkArr.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 7e5f393885b9882bce8b35ffa2f1281ed5662bc1d3c9358e24576de435458dc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-99b"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2459
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 catPat.png
www.uaua.info/img/renew/ 2 KB
2 KB 47ms
46ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/catPat.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 2047ca7806b07236034a12b61969ef614d8d685470d1f4724a0e8af54408f58f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-7ae"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1966
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 service_arr.png
www.uaua.info/img/renew/ 2 KB
2 KB 47ms
47ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/renew/service_arr.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: ae6c17f6a293dd9309bd35c8e446f02bfe964fc261abb8cee46c5eae990dcf4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-719"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1817
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 f008.png
www.uaua.info/newimg/ 122 B
301 B 47ms
46ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/newimg/f008.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 87c922d1f681b686fc57ed8df35145aa414426a26f3265b4db3d90c21d77c965

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 15 May 2017 08:32:22 GMT
server: nginx/1.16.1
etag: "59196796-7a"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 122
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 f009.png
www.uaua.info/newimg/ 111 B
290 B 47ms
46ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/newimg/f009.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: bbd422bff2f3ad365a64f3f6b52fcf622d316c11d4d492277b20a373c0f0d400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 15 May 2017 08:32:22 GMT
server: nginx/1.16.1
etag: "59196796-6f"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 111
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 f010.png
www.uaua.info/newimg/ 117 B
296 B 47ms
46ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/newimg/f010.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: d5a10121d468fc4c70d838b7ac026184fff33a31ac83e032733d85cb0b38289a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/css/58e795bc6bd7e9bf2b948567d4d9caba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 15 May 2017 08:32:22 GMT
server: nginx/1.16.1
etag: "59196796-75"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 117
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1012 B 33ms
18ms Fetch
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=0e5c970151aae21423766bd907f50dc5
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 412fd1e0fedad522c5652031ff52639d51b6aac5559c2b2418845afc80c08835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
x-correlation-id: d28c449ed3e0b7011f0881874459cb85
server: nginx/1.20.2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: EXPIRED

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 40ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 130 B
739 B 40ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.uaua.info

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00fcfd9db06df0f607122c0b8462339cb4690e49e35a40313980eb53ee0a3a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb169e42607dbe8372ec4d69f0606b8429a1b0c2c25358d7b45e222bd955c786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z30Ev7to9wFeLU/Y8KKVEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 26 Nov 2021 07:55:10 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: Ttg3d1YEx8p3LpiyKOa/ko6UHtdAvl9YDTcC6vzISnA8IXVHzuRAQEmpl8evOqta1sGSs2RVlKYyc2glWL/wyQ==
x-fb-trip-id: 917726464
x-fb-content-md5: ef9894418877174093ce6ed190401376
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Nov 2021 07:43:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cc0647a853f0af580ce91937e3cca7e2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 183ms
43ms Script
application/x-javascript 217.16.18.206
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.206 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 07 Oct 2021 10:58:25 GMT
server: nginx
etag: "615ed2d1-1337"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4919
expires: Fri, 26 Nov 2021 08:43:00 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 131 B
422 B 173ms
42ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v113355&s113797&t0&c1&n308005&w0&y0&d24&r1600
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 12fffbdae0bba05b0fb898805e2e8e1ec67a44b29b04bf2f84333c30cdbd6a4b

Request headers

Referer: https://www.uaua.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=575361915&utmhn=www.uaua.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915&slf_rd=1&random=4058011576

42 B
107 B

41ms
30ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915&slf_rd=1&random=4058011576

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-21312970-1&cid=153117899.1637912580&jid=964147519&_v=5.7.2dc&z=575361915&slf_rd=1&random=4058011576
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 132ms
90ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 24 Feb 2022 07:43:00 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 285 KB
81 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=b71b4db0cb6f8ee8907c2e7e5053a52d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce904e7bae839a116a33cff7ebc9b65ded9990c7bb037264ce9a21f24f0c5b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.uaua.info/
Origin: https://www.uaua.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ng2XV4UpRQTmVyoTCbxTmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Nov 2022 07:35:10 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82915
x-fb-rlafr: 0
x-fb-debug: qsdxRAlgf8aIc8Z05duwoKPyAv8zx9G1rVr3eqM/3yPRrpSHrIXT5Z5iiEute1HpgMQ+WzkV5RULbNhaBI2tRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 744b0caf8a479878a6c1fea4d326e7ac
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 07:43:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "baa35872dc1aba2950932e721d1ec602"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 47ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-883FW2Q2JF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZRZZ6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b24bef701d436966595d7c759661d36354715e0b4f11cd219a2b7bd10de39eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61788
x-xss-protection: 0
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZRZZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2513
date: Fri, 26 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 09:01:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 28ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZRZZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: cN6h5PsW6IY8AYwHshH1rKDO2vKoTAK1WYZNpFbYp47HK1+f7jTX5W+HZwn4EggdW+6q7QZtp/TD1/11oXRRjQ==
x-frame-options: DENY
date: Fri, 26 Nov 2021 07:43:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

merle.cgi Show response
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica&tuid=-6016616584

2 KB
2 KB

67ms
65ms

Script
application/x-javascript

195.209.108.38
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica&tuid=-6016616584
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: HTTP/1.1
Server: 195.209.108.38 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 90250c50d0b951a8e5ea9a7b7d838a97abfc94c7c057fd764e6167c82a649108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Location: /cgi-bin/merle.cgi?rnd=1144455&tail256=unknown&sid=160581&bn=7&bt=52&sz=%2Fwww%2F&ph=adriver_banner_977984834&keyword=notmaslenica&tuid=-6016616584
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.uaua.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.uaua.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 225 KB
53 KB 1239ms
1216ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4008704496619042&correlator=538460754761722&output=ldjh&impl=fifs&eid=21068766&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=67342444%2CUaua_desktop_ATF_610x60%2CUaua_desktop_ATF_300x250%2CUaua_desktop_BTF_300x250%2CUaua_desktop_Sticky_300x250_top%2CUaua_desktop_Sticky_300x250_bottom%2CUaua_desktop_BTF_610x60%2CUaua_desktop_sidebar_300x100%2CS_uaua_300*600_300*250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=610x60%2C300x250%2C300x250%2C300x250%2C300x250%2C610x60%2C300x100%2C300x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1637912580&dt=1637912580346&dlt=1637912580015&idt=308&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C970%2C-9%2C-9%2C-9%2C-9%2C970%2C-9&adys=-9%2C192%2C-9%2C-9%2C-9%2C-9%2C462%2C-9&adks=3403201505%2C4146076240%2C4212196701%2C1283222601%2C24675431%2C4046991861%2C3933641206%2C2076607603&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.uaua.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x100%7C0x-1&msz=0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1&ga_vid=1781664489.1637912580&ga_sid=1637912580&ga_hid=646658654&ga_fc=false&fws=2%2C0%2C2%2C2%2C2%2C2%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C0%7C-1%7C-1%7C-1%7C-1%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8f6dd40e6bdda249dd82ea2ab1a2cb3dea104dbcd762cb0813397d8756794186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53894
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,4630070555,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,138230207713,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.uaua.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
269 B 61ms
39ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4008704496619042&correlator=538460754761722&output=ldjh&impl=fifs&eid=21068766&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=140343669%2Cuaua_dfp_catfish&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1580x700&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1637912580&dt=1637912580352&dlt=1637912580015&idt=308&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3990096077&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.uaua.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1781664489.1637912580&ga_sid=1637912580&ga_hid=646658654&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a8ece6a67ed97b939806caaf2656ecad66b6c7a0c18b674b7fca747d9d9d9bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.uaua.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9717 6 KB
4 KB 57ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 07:43:00 GMT
expires: Sat, 26 Nov 2022 07:43:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000547431/ 3 KB
1 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000547431/?random=1637912580372&cv=9&fst=1637912580372&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9affa55d4a536da5fe380aec4ab44cac4380d0becf789474606f97f64cf4290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/999645619/ 3 KB
1 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999645619/?random=1637912580375&cv=9&fst=1637912580375&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104865e1fcbd53d2617133a3f11fe844562cc5b819fbd0df5961e6c6eda48a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/999068537/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999068537/?random=1637912580375&cv=9&fst=1637912580375&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
https://www.google.com/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_npl...
https://www.google.de/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplu...

42 B
108 B

19ms
19ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&is_vtc=1&random=3079169425&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/999068537/?random=1637912580375&cv=9&fst=1637910000000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&is_vtc=1&random=3079169425&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 642389296096099 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/642389296096099?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55220d820609c10413ed4a2f9fe3085112f53a429666b14f130536728479a8ab

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JKbEw5SXKPaZZ5aX2JuMC7cGYpZofa7XrEszj+F7qry927/AXhxnphIlOH0E6ujsP6NnORYbwsV3TtYXjQ54QQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Nov 2021 07:43:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21312970-38&cid=153117899.1637912580&jid=1116166691&gjid=964976258&_gid=880369151.1637912580&_u=YSBCgAABAAAAAE~&z=1058755720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uaua.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 07:43:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.uaua.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21312970-39&cid=153117899.1637912580&jid=1722711405&gjid=2109296616&_gid=880369151.1637912580&_u=YSDCgAABAAAAAE~&z=131573049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uaua.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 07:43:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.uaua.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=646658654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uaua.info%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2%D1%81%D0%B5%D0%B9%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B8.%20-%20UaUa.INFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=38145660.153117899.1637912580.1637912580.1637912580.1&_utmz=38145660.1637912580.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637912580390&_u=YSBCgAAB~&jid=1116166691&gjid=964976258&cid=153117899.1637912580&tid=UA-21312970-38&_gid=880369151.1637912580&gtm=2wgba1NZRZZ6&z=294556742

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66875
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=646658654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uaua.info%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2%D1%81%D0%B5%D0%B9%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B8.%20-%20UaUa.INFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=38145660.153117899.1637912580.1637912580.1637912580.1&_utmz=38145660.1637912580.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1637912580395&_u=YSDCgAABAAAAAE~&jid=1722711405&gjid=2109296616&cid=153117899.1637912580&tid=UA-21312970-39&_gid=880369151.1637912580&gtm=2wgba1NZRZZ6&z=571518801

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66875
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-883FW2Q2JF&gtm=2oeba1&_p=646658654&sr=1600x1200&ul=en-us&cid=153117899.1637912580&_s=1&dl=https%3A%2F%2Fwww.uaua.info%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2%D1%81%D0%B5%D0%B9%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B8.%20-%20UaUa.INFO&sid=1637912580&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-883FW2Q2JF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uaua.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uaua.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21312970-38&cid=153117899.1637912580&jid=1116166691&_u=YSBCgAABAAAAAE~&z=1867900883

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21312970-38&cid=153117899.1637912580&jid=1116166691&_u=YSBCgAABAAAAAE~&z=1867900883

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21312970-39&cid=153117899.1637912580&jid=1722711405&_u=YSDCgAABAAAAAE~&z=189230075

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21312970-39&cid=153117899.1637912580&jid=1722711405&_u=YSDCgAABAAAAAE~&z=189230075

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901
https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901

132 B
437 B

57ms
57ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

16bb9ba914b0349a790887b310cb59deb6f2877eaa6d03d776bac0eac4c9c6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.10;r;s1600*1200*24;uhttps%3A//www.uaua.info/;0.8971355916913901
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 25 Nov 2020 21:00:00 GMT

GET
H2 200 htmlunit Show response
a4p.adpartner.pro/ 11 KB
3 KB 94ms
29ms Script
text/html 146.59.18.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/htmlunit?id=4585&0.023999444477269316
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-a61777d5.vps.ovh.net
Software: nginx /
Resource Hash: d53745536a01515596230f286e70b16b622fc64217990dd1202c2139b7950ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 ssp.js Show response
st.hbrd.io/ 17 KB
5 KB 78ms
13ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://st.hbrd.io/ssp.js?t=1637912580486
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e4168186be7967ce91530be5fbdbef469fce9622f1f93a6e340c7fd8b5d1961d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rzVS5Mn/HwkAAA==
x-accel-expires: @1637913845
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
etag: W/"619b69e1-4534"
last-modified: Mon, 22 Nov 2021 09:58:57 GMT
server: CDN77-Turbo
x-77-nzt-ray: +7qECy4c700=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 2335
x-77-pop: frankfurtDE

GET
H/1.1 200
OK merle.cgi Show response
ad.adriver.ru/cgi-bin/ 2 KB
2 KB 98ms
69ms Script
application/x-javascript 195.209.108.38
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5389625&tail256=unknown&sid=160581&bt=52&pz=1&sz=%2Fwww%2F&ph=adriver_banner_632021539
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.38 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 5542d12e2e297bece853aae77a184c86c8fe0ca691cf09e1898716bb2661a8e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 113ms
32ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Mon, 29 Nov 2021 07:43:00 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 114ms
33ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Mon, 29 Nov 2021 07:43:00 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 85ms
33ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Mon, 29 Nov 2021 07:43:00 GMT

GET
H2 200 reclama_img.png
www.uaua.info/img/ 388 B
567 B 39ms
39ms Image
image/png 62.244.10.86
LUCKYNET Lucky Ne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uaua.info/img/reclama_img.png
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.244.10.86 Kyiv, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS: uaua.info
Software: nginx/1.16.1 /
Resource Hash: 959ac63a5eafa273aeddab46e85e17a1f4883ea0e6d22a1da6086bed8fad1ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Mon, 25 Mar 2019 14:26:15 GMT
server: nginx/1.16.1
etag: "5c98e507-184"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 388
expires: Sat, 26 Nov 2022 07:43:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/999645619/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/999645619/?random=1637912580375&cv=9&fst=1637910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&fmt=3&is_vtc=1&random=3658729936&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/999645619/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/999645619/?random=1637912580375&cv=9&fst=1637910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&fmt=3&is_vtc=1&random=3658729936&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1000547431/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000547431/?random=1637912580372&cv=9&fst=1637910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&fmt=3&is_vtc=1&random=2328770580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1000547431/ 42 B
154 B 18ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1000547431/?random=1637912580372&cv=9&fst=1637910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.uaua.info%2F&tiba=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%BE%20%D0%B4%D0%B5%D1%82%D1%8F%D1%85.%20%D0%A1%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%BC%D0%B0%D0%BC%2C%20%D0%BF%D0%B0%D0%BF%20%D0%B8%20%D0%B2&async=1&fmt=3&is_vtc=1&random=2328770580&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 65ms
15ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=0e5c970151aae21423766bd907f50dc5&user_id=ce8f65c9-23c1-4eb6-b227-3e8e67346f32&utmb=f2739529-3026-4a3c-b0c4-c706bfc56030&path=https%3A%2F%2Fwww.uaua.info%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:00 GMT
x-correlation-id: b9d89b95e6f2ae8d2abb2668fd8a1b57
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H3 200 1039985483434631 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1039985483434631?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

083e4c7fbc851be00dd7190e15deaff4cb70933cac1edd5752e6793c753950a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 81aP1ar5oj42u/X2m7qnJbRc1VDZugQUM9/i6+U5n3mbwC3gwHg9/UerP1EW0akYtr6sg7RzR8sZUnjrjkQYnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Nov 2021 07:43:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=642389296096099&ev=PageView&dl=https%3A%2F%2Fwww.uaua.info%2F&rl=&if=false&ts=1637912580532&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637912580531.1785898890&it=1637912580383&coo=false&exp=p0&rqm=GET

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 9ms
8ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 09:53:50 GMT
server: nginx
etag: W/"608930ae-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:14:57 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 9ms
9ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/0e5c970151aae21423766bd907f50dc5/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 09:53:50 GMT
server: nginx
etag: W/"608930ae-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:14:57 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 AV.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ 25 KB
25 KB 45ms
44ms Script
application/x-javascript 217.16.18.206
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/AV.js
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.206 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 19 May 2021 13:40:38 GMT
server: nginx
etag: "60a51556-6216"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 25110
expires: Fri, 26 Nov 2021 08:43:00 GMT

GET
H2 200 script.js Show response
masterh5.adriver.ru/images/0000399/0000399800/0/ 80 B
240 B 80ms
74ms Script
application/x-javascript 217.16.18.206
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://masterh5.adriver.ru/images/0000399/0000399800/0/script.js?vadriver_banner_977984834
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.206 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5144319e511c20e5f322a468f7235624551c9c518c6fd5b2b3a6e38669d107bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
cache-control: max-age=3600
last-modified: Mon, 03 Aug 2015 00:38:22 GMT
server: nginx
content-type: application/x-javascript
etag: "55beb7fe-1e"
expires: Fri, 26 Nov 2021 08:43:00 GMT

GET
H2 200 bobid.js Show response
fp.hybrid.ai/ 32 KB
13 KB 73ms
13ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.hybrid.ai/bobid.js
Requested by: Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637912580486
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7170b733d833751c5a054598db93cb06aa3573194556a1adfd242e6c271632c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rzUw1lD/IgkAAA==
x-accel-expires: @1637913842
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: br
etag: W/"616ea8f6-7ff9"
last-modified: Tue, 19 Oct 2021 11:16:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: BwLbFz8fhsg=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 2338
x-77-pop: frankfurtDE

GET
H2 200 prebid.js Show response
st.hbrd.io/ 0
297 B 14ms
13ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://st.hbrd.io/prebid.js
Requested by: Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637912580486
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt: AcO1rzViJ9b/IAkAAA==
x-accel-expires: @1637913844
date: Fri, 26 Nov 2021 07:43:00 GMT
etag: "619b69e0-0"
last-modified: Mon, 22 Nov 2021 09:58:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: oVAlyvKRmtc=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 2336
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 0

POST
H2 200 init Show response
ssp.hbrd.io/metrics/ 32 B
261 B 197ms
68ms XHR
text/plain 37.18.16.17
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hbrd.io/metrics/init?name=start_of_metrics
Requested by: Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637912580486
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: dc3b35e06898f93f655553af0301e5d8079e9fd1c07075a1afe148c904b4adaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.uaua.info
date: Fri, 26 Nov 2021 07:43:00 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
content-type: text/plain; charset=utf-8
content-length: 32
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 204 urls Show response
ssp.hbrd.io/matching/ 0
197 B 193ms
63ms XHR
text/plain 37.18.16.17
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hbrd.io/matching/urls?
Requested by: Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637912580486
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.uaua.info
date: Fri, 26 Nov 2021 07:43:00 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 htmlunit.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 28ms
28ms Script
application/javascript 146.59.18.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/htmlunit.min.js?v=1.1.390
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit?id=4585&0.023999444477269316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-a61777d5.vps.ovh.net
Software: nginx /
Resource Hash: 08b54658c816f1537466a8e674f3710ca6ea559af8af1a3d3e5b1de7579e96e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
cache-control: no-store no-transform
last-modified: Wed, 24 Nov 2021 11:19:16 GMT
server: nginx
content-encoding: br
etag: W/"619e1fb4-3317"
content-type: application/javascript

GET
H2 200 ls Show response
a4p.adpartner.pro/htmlunit/ Frame D50A 5 KB
2 KB 29ms
28ms Document
text/html 146.59.18.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=4585&bannerNum=16448688374313036&apuid=21b61974-0fe8-40f1-8a97-b514c63ba2e5&session_pageview=1&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&site_visited=1&location=https%3A%2F%2Fwww.uaua.info%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit?id=4585&0.023999444477269316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-a61777d5.vps.ovh.net
Software: nginx /
Resource Hash: b01ad27ad950588f920dd4770891324a88bb0c09f18ea0276bbacc122b8e895b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

server: nginx
date: Fri, 26 Nov 2021 07:43:00 GMT
content-type: text/html; charset=utf-8
cache-control: no-store no-transform
content-encoding: br

GET
H2 200 script.js Show response
servers1.adriver.ru/images/0000399/0000399800/0/ 80 B
241 B 299ms
45ms Script
application/x-javascript 88.212.240.204
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://servers1.adriver.ru/images/0000399/0000399800/0/script.js?vadriver_banner_632021539
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/js/58e795bc6bd7e9bf2b948567d4d9caba.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.240.204 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ae8fb7d5086876ba7be99519212916b810c082b21328b1df9fdb82e062ec12f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
cache-control: max-age=3600
last-modified: Mon, 03 Aug 2015 00:38:22 GMT
server: nginx
content-type: application/x-javascript
etag: "55beb7fe-1e"
expires: Fri, 26 Nov 2021 08:43:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D50A 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=4585&bannerNum=16448688374313036&apuid=21b61974-0fe8-40f1-8a97-b514c63ba2e5&session_pageview=1&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&site_visited=1&location=https%3A%2F%2Fwww.uaua.info%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2513
date: Fri, 26 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 09:01:07 GMT

POST
H2 200 htmlunit Show response
a4p.adpartner.pro/ Frame D50A 768 B
474 B 77ms
77ms XHR
text/html 146.59.18.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/htmlunit?id=4585&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=4585&bannerNum=16448688374313036&apuid=21b61974-0fe8-40f1-8a97-b514c63ba2e5&session_pageview=1&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&site_visited=1&location=https%3A%2F%2Fwww.uaua.info%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-a61777d5.vps.ovh.net
Software: nginx /
Resource Hash: d78af44b7bd70212195a93c78c8399b2ba9d7a1179c0fbd09df502525eea97f6

Request headers

Referer: https://a4p.adpartner.pro/htmlunit/ls?htmlunit=4585&bannerNum=16448688374313036&apuid=21b61974-0fe8-40f1-8a97-b514c63ba2e5&session_pageview=1&session_id=b94de4d5-b8e5-4730-a9f9-73b5380f6a6a&site_visited=1&location=https%3A%2F%2Fwww.uaua.info%2F
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1039985483434631&ev=PageView&dl=https%3A%2F%2Fwww.uaua.info%2F&rl=&if=false&ts=1637912580641&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637912580531.1785898890&it=1637912580383&coo=false&exp=p0&rqm=GET

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H/1.1 200
OK event.cgi
ad.adriver.ru/cgi-bin/ 42 B
667 B 68ms
68ms Image
image/gif 195.209.108.38
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/event.cgi?xpid=D1zo6vla-pQ2gAKFhNIDbEGQzETax_vQdECi4J2oTESbiRTdqH-zGxSabZn-J_RvzO6FplnoD&bid=399800&type=0&custom=113=0;161=1600;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=https%3A%2F%2Fwww.uaua.info%2F
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.38 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK event.cgi
ad.adriver.ru/cgi-bin/ 42 B
667 B 64ms
64ms Image
image/gif 195.209.108.38
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/event.cgi?xpid=DkUF6DUPpSwJw1ODNfVXDXPYxjeMvB3EPGoFk_2rdubk8pq3PNDRwMoODhER8JIOr405v7Dql&bid=399800&type=0&custom=113=0;161=1600;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=https%3A%2F%2Fwww.uaua.info%2F
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.38 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:00 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET features
dm.hybrid.ai/bobid/ 0
0

POST
H2 204 save Show response
ssp.hbrd.io/metrics/ 0
196 B 64ms
64ms XHR
text/plain 37.18.16.17
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
Requested by: Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637912580486
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uaua.info/
tdm-id: 29bce993bb3d49e4b3c191d3e5a51f0a
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.uaua.info
date: Fri, 26 Nov 2021 07:43:00 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 210E 0
139 B 29ms
28ms Document
image/gif 146.59.18.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252221b61974-0fe8-40f1-8a97-b514c63ba2e5%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A4585%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522use_viewability%2522%253Afalse%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.uaua.info%252F%2522%257D
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-a61777d5.vps.ovh.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 26 Nov 2021 07:43:00 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache, no-store, must-revalidate no-store no-transform
expires: 0
pragma: no-cache

OPTIONS
H2 204 save
ssp.hbrd.io/metrics/ Frame 0
0 174ms
57ms Preflight 37.18.16.17
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: tdm-id
Origin: https://www.uaua.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: tdm-id
access-control-allow-methods: POST
access-control-allow-origin: https://www.uaua.info
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 37ms
22ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f791a2c17a181baecc5e75e58b1b115c41c00c5a8f0c522336c72d6173234fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9236
x-xss-protection: 0

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 44ms
44ms Font
application/octet-stream 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://www.uaua.info/
Origin: https://www.uaua.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 28 Apr 2021 09:53:50 GMT
server: nginx
etag: "608930ae-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:14:57 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 07:43:00 GMT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 7ms
7ms Font
application/octet-stream 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: www.uaua.info
URL: https://www.uaua.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://www.uaua.info/
Origin: https://www.uaua.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Wed, 28 Apr 2021 09:53:50 GMT
server: nginx
etag: "608930ae-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 28 Apr 2021 10:14:57 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 858171187.png
cdn.gravitec.net/images/users/1671730237967171584/ 4 KB
5 KB 8ms
7ms Image
image/png 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1671730237967171584/858171187.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 267312212c37ded7e07e71d134b1d3927dc91b973359719760eccfefb95c284d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 07:43:00 GMT
last-modified: Thu, 09 Jul 2020 10:37:17 GMT
server: nginx
etag: "5f06f35d-10fe"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4350
x-proxy-cache: HIT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EC2B 12 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 25 Nov 2021 21:56:57 GMT
expires: Fri, 25 Nov 2022 21:56:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E837 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce726ae134a565cfe34ff460c4368f21d395808353c63c6588a1657cc9157e13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+ENoF/dgam7zwNeshueCWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 07:43:01 GMT
date: Fri, 26 Nov 2021 07:43:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+ENoF/dgam7zwNeshueCWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E837 0
0 76ms
61ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4008704496619042&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame EC2B 35 KB
13 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 17:25:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4008704496619042&bg=!QUKlQgbNAAZQLpa_UC47ACkAdvg8WnXg7g3gKOFjsi6gHBsGxrCOqmBt10b1SHA298FWw1eJy2k0CgIAAABaUgAAAAtoAQcKACHJf4zjrJKeseqCcq5Tu4VmkNnUEkf0YGRI8iAJH2iRDUCZAniV5rYsscon6gKua3pvVZeuIuahYa31WSvBBClGgnEt5j4HvMu4M1190U2RTUdLzKVn0EXINDZoU76BRyYUPBPKK7hWposuTFagSr_kGlVXRvQ-ICjftRwlE0mN_mzTNxDBbmwPsQKUiR50BY48E3MIILFImgzAWX0UBtIWZMrCXXeyFZVP35d5AvRq3HeG1eUcL9l6Ht24_EczW2Xwb0EGb7IYd_Flf54SI1sTgNem-8Lh4l6y72y1T8O_yzYT-bH-UDE0zQpNR61OLJlKx6lfHdsE4HlU0GZAaGGPRS5eQ8hc8nKHYb6tqr2_8JIS0C4YgBI2e8GRdnyrST7Gc6C9MMhLMGz6gFljc-Fk_8erR9OY-Ne1oMrKh4g7n8bvu3r6oFeQdaCMX8NWgTybsY-WjVvXI_dDQIEFRB-6LbDIl6by4vAcg_wzLFzHI8ThBe2IL4cAu8fF-fSKswgRZYP_GU1Cow4m2yyTaYbA-BGCeCCjpVRyvo9oF9x7W9gPj1xxGjZeU3FrokNS_Ux_rVVGXIIFY8JDT3DjY-KyF4AgOu0t8W8rA1rCvRvrdp8WovzXr9QTzfrBG2-0n8AeO1labemENgVrSysnaJEi1osMKAmqaWwnaRhZ6ibuOeQ1yB8oMOVqJYJsMtok9qKaYC9On66mqk0xwl5I_5jppt9iOl3EiuEvNk8ulpxO3b582YDJX_DAKOosy7tqpubdADCcu8PSVn9BBxLr2pyCDmf8X7ML8QsZnPLV80LjeIsrgBvUNdbKeeZea99WA2zzGQ1VN0bO3ZwKUj62UShAQZUWQz9c0s23n--EOLR-wNKNA8Cng1mdqV9EzA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 527F 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 07:43:00 GMT
expires: Sat, 26 Nov 2022 07:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAD4 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPL2vJCZpFSa_GZePUTLP9DawxIbdXxOS-I47-ANPhPT5bvUtZ5b7I_V-exM3h-9_5hXcY3yCj0pynYDvrf51l1o1qGzioFA7-4hhxIFS6ZYGp-4dRoPnkszQljM3XadbRkbn7R0XPG4eRQ8ZCKtSLh5Fx8ZhTYa-x6eZfcxW4IUhDqjTyixMJy1b6pjwTzO8ojyS9ClzXcKDG488zjNtDrRRgmaFqpUi-YkfXZbKxmnlRS-_Yl_gT8os5BKaD2oem8zqobHwBGCNF7vkT-cx24KD8Ppg-pTmdE33Ek26UmvmaBKZdF5bE0yFspbckH2P-scfnwvM&sai=AMfl-YR14yLJwdX2SqQl8HvjegHr6JQL5slujmvtMhq0LazhSKWB5hsza0aLO7PPDv84o6GBlush-A_ZLU9FwGiDwROrxTr0AQRLcMIj_0cBSZL0cJppUiwuMpEZmTz7qzVg&sig=Cg0ArKJSzJxGT3h6T2H-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FAD4 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:37:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FAD4 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:35:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAD4 119 KB
36 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
H3 200 12614475934150504120
tpc.googlesyndication.com/simgad/ Frame FAD4 26 KB
26 KB 9ms
9ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12614475934150504120

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ed5553377d2f30f1bd853f75f1d305017c4b6b64673b7527947999f8d11faa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:20:11 GMT
x-content-type-options: nosniff
age: 174170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26866
x-xss-protection: 0
last-modified: Tue, 10 Apr 2018 11:35:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 07:20:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D5E6 624 B
300 B 24ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNWsg6cAml1-ey3VhKuvEdkglCx29lKUs7Cj7IR2kNnLFYlvCADrsLiTAjKVZWG8m-V4w5reebd1CJXZ31adK9VcmAioaM6pnjVG6aTfY4Nnu3sOc3BJEBwqdbdDkRk7SFebXEZHoiMpubRrv4nhxKehn8mwL3mSvdcHB6RKhpI6M8R1Ffs

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 26 Nov 2021 07:43:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 527F 25 KB
15 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKx3NrMyWbz1-ORRyf16n2O7Dw4i54zItPckyVfQowM-oV6Ne3H1yRGzsCmn-BkKroSQ-gX0CH4xmTK4240FbDoR1SZvZBxvmXinhmvsXf1UxyAi3JgX8A3IRu6drSXg_z6TEDgnuWFd_xQboqMWc6LmjRMQ&cry=1&dbm_d=AKAmf-BOLmb31ydhqkdFfIhnbCoOyTZEdNR71iIHT6g9pGRfa20JKF4OEypBoOFuKBieTTAxJYzWJ0dyQGzc6Dg_oN1DJI8fWo-eSo31e38uC4Hi0gT1CmPp9-q6Z0J-EslDm6yiuRsNfRIiRzyzedPy6sFM_BCdpcjpiUFXNdUCBYuQGxiTAFRE2vVHP344pFM_6NESspn9rct9zVLEE-gluDySjJK96ZWcFfSTPiotiOC2TyEmFzgQhptcuRszDsLf4brHjTd18JEn-AoP1LmR-rCUPiJuU2-R_VnPKuaBpw-Zut8xWRZ0FGOLEv-o9G2GqeasZVEv3Xg6enWwDYTKOjLC0ELkglzKc8Qyo-jill6A90UwpT2cAKFTk291E9tgZlz-2sG60Aq3Pi6r5KD0qQfmoJ2dN9A-OYw90V-L93K1P_JuOotu1iBAtxfkiLsaM-hwjaSvpBgA4bbjlByEn_UJWu6WzKo8f45BWAnTadB_OMr3Vf1YT1DYv-q0jxVGVTCGlPbr24B_qovPeRwN9_IO2lOMoGGLxtL0CXmgioMtB-6UZpFOP_hRZqOK2XeMggrkU_iNCRlbhigNI3PJl605FksusyzgepHPt3P9VVxjw_U9AHDIF5T23tlcvFqy7Ia55njQYHbN9kBvgUTHGJUO-d5UR5GRv9zYa09U1C5kpZrCbbsAg3hVBkf7Wslw6YcP0gVWzPJBImeE6HpQ9tWOnCKIANuIUU2bvNpsXP8h4i6BoMjfByhR1cEB92GzyCuVmNIb8IVHH2DIK_SHXLyyvpHxlzXEln1E-6PMZNJblw_nhAiNlQkPvH8YyMm90o2mlq6_C9ESPbv14opkCOmiZ_WlKXXkVKduE3-wS5tkNppBV7j78hTCk-DCN0LSbsCypW04lJAJ1BYXTCPw-aKNM0LfqEytFRDHREEr22IY-AdDjcfpIPg3gFAhiGNgNIvkqYdCB-l5nxSieZrchoORZmPBepVZd5-tIycxUWesrfopNGPuTKW3gD5OpUMsvU7406TZ416H4xKQJlUo-NwjrGcmqpd3u1FetVcvJaVjrZbr3Vgl2a6sHR4XOEIeUBb_pRvnHTWFMHd1wrCYwjbBqIkpNDiA4ZevMmt4V8WLa8PnDvw1CX0df5lFsmUJhCNsfJm4Q2ayiSxhyDnlBKksPmtaMGaRShQRe1wRyrFZhadjtztD6XW1Fj6d2RiRofte-HIE0bfyLm6PheA9-yD_32n5gUtLWDTTQLP5knYEc6l_Fx3Ds-KxH7lmXM5bJ8MLn8OjYl116F5u53KMVUfisS1BTsoNtm7_f3JZ8Ef_IEmT1SCiheu-Q9rhp5zr_tnKE5zmbduyzvJZf2UWn63HiMzE-r9Ql3vRVEpyGybP1OrsRLqMZWeOIltq_9nRw4LqFnKoo9v4wB1wkPSew7z1r_zXAxZXu4_D6Ugz1xbJSf8CVRW7kKRocrkLcgQ4HwHXIco5Das8GPcUiWFd2kZk8kAdnFbBXb4Rzjccy1cWhuziZW9v4v_CudMi6_nIyRmgKBbLiiiNgWiI5b_6sN1gCDiCjB0XJWTcKe3brhuY8EMq75PezjXd6QarZ-e2qGIfT8xWxMARXPznP5-sTBzlHm3RmFN9vrWpbyHaXynhDTlnRhv49KEE7fvCcbIgbmAdEhD62Lb86Te0FCeZNhsHrQ_Cz3KQiKKQ9Moq8qJq0j4In_AZHvQEFdvOGiUI_XvKpw89odO9KBKcZ-gEF9IyXB__XPGPNVFUJx34pwAkR-ZVvfwKmnbzp2CT-AixCJsdvU17m7nsIwVW-MEQh-n7VcKu7CoPmHiKvrq7IhREaoZQ_biUC2FAOO0JVDhPbu2VHotaezfbrRhKM1U0Acn_mw24twQQeNCKZJYw_XExbo4ocT7Z8tyxvCxLxpvjZmQsTVBdHpyCi2ciI_EUPRWCj0ZfDMnc5c_SXq9TxkIU2BvJ-ZVzUjz1vnbRbngSOWJ9uBZbz6iL7S1a2WvYb8ju8Jm0Rt4POxNMasDgqrFt_dTpt_AZ2vbzUNNRuqH9z3gYXsnqKAp5f04iwjNC-pbprsbkzC9wchJ9eW9zhXXLUEs6cp2o0Ti9K_cshmFFy18CGGlkNIqQrMSK8Eu4PypHbBERMeqt6kMqiSh3nRiNy15VQVBw0DP2jvGwR-tedEnzD8Pc6evP0r-e4iCyVhTbKC1d0MUTNyNLv8t62tRoL057uPlzB7CuA7gGloRjtYwSfV8-5FpOjUzxwFwPfx5P9UJzsQSYHhpj6tD-cGAoUfwuIIVoyWt7QzXK-4WR-S-RaWwvj2uKubTafP1PiBhjIWpuKd7VFyoxD1tJ2Oswmc8j22nv2o1JIZb7W_a4vl6HREfHR0JetXjdSjF5XFhOBlDbbqXhzS2YacwBezgffSlaxcIL51N714W8Jh17YLj3IoUrqcBgUIJvuqCnNYlHAeW06udlQB70ZD1oTbXGghl39mhFqy0zBq-BgRJAbToBAmFfBR8zYmlFdFKdB_EPAijkb1mEpar-6PSYVOPpI9AS_ud8WoOlzhtW6b08f0xp1MbjyhmvvWuwM5SuJiKxvhsBu5-DTScIAlZ1nCkowNK3NQidROKHBvFIkXFrx83g5YO7aarqZYhjDUnvCk-fEEmdu3cApqDSzKBy4mXg_ZfNHlOzxrc--0ZgSM5uV5B7xoXjBcJ38P4DKYWgOx98wTWE4XuItIc4oq7ukFPJWFsx787axSNQBwX81a3D6zIEaz8MTIUTRtdH8P0zz92TunmeMZdIxcu2p9M9SaP_R1-Hl8xIMSSeYwI1vgRM2arQz7smmfBlGx-Fj2lDaCSiI13RuCDkRnXFHR5FoS2dIKIp1v8P418PU305g6IVmtqXgYgi4jQCLjfFBTmkzjx9uUBmljkNtSeECx6e_lnvcVWI3i08yhI7QI7DGEWi4iqClzXAuWFKlg5EDeg5XavFZFFbiHEnrgkluB0YzPIy8L2zGZYjrhn4YuJCiP_hJpVeUTIodcUF1E1cGsSl24wVjoxvHvivC_3eYwI-jKMBssOQB5jqwI882OZlOQfMKkTxHLV9LaImXHrh-MJOfTFcgwXGtmi-9PZdkqR3wTKrvWnNakSySJ_umUGrtCioP2Rf-opDDkvpdemwBa42Lk603VNkf8wkTRnyS4TXOPTzxowQTjdrnZRLA9-lZs9PMrfCwnzpkwgy-_62HY4FG8aoDpk111prswctf23sVwDAyF_G8bsA0hK7WU0muOzaV2ZusgYDY42Cr4MX91V17KE5vB28-qUp39OFtWef72-1fzzCAo0yzbzX5L5PHsUZhUareC9J_iDyQcUiZCS1P0Tth97x3ftgQFSS5A90xTokQ5e9WSNWDLAtBa2lORhA90tj_ODi&cid=CAASFeRodhPxrZFWrZXymK93jTImfXNdwg&rfl=1%2Chttps%253A%252F%252Fwww.uaua.info%252F%240

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5acacf8db02a1f506797c8bb2c10fd76026f0a99ae1ae4912c32762e0f5f615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 527F 42 B
63 B 44ms
44ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXmw_k-9bF8e0bIVQ0mBukW8pcXPsYs6z3yNZH6HkPp9pQL_vodimYhyreMq2le2h0CQIELXUkOeU5fyKKYG-2AANRF3Mu4INPNqrll8eadsmaUxE

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 527F 9 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Nov 2021 08:11:37 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/774473/57793669/ Frame 527F 46 KB
13 KB 137ms
55ms Script
application/javascript 52.212.254.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.254.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-254-206.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcc0269dbfb7a04ec2e14bcbb247d6e343de0f5ceb890e330e292434f17fffef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 527F 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:35:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 527F 119 KB
36 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 527F 15 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:39:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAD4 0
0 61ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui9OGIqttkdRiaUqwx8GrWpU0jQedJyreJI62pEpHO5EqlLF7U1fVuqRgoNviu1KmqT5J1XtuFEKg3yar0Rds9pONhlsxE1wQs5QZ2VJrnCkHU5znsO6UtfQ_VuP13uUJ0Cb9tqucC_qv1lGqwh2a13yz-AhFRVHlkoEkb6pif6DiGGMKTdbWO70AHT60RT5SovpuJw1tLynlcWKyHgGMpsMK2gzaY69X3lGKr0gw5DhVxnS-_ORIjfTIKyaMW_JmGrxZvKW4QFh9XJpSjh5IxdE-U-Tjky-bWg6VP6QmSibIfyDItlgfTJezWYoloIxY6IGbgKY-GnQ&sai=AMfl-YThR805UNRGJe5yFFVwxuE-jJ9lPToVp6yapIpCvnQ3rGw3f2gGpKKcvb8QHEiFj1D-s0ZoJpFym-TyvB-wvuT7-CS-0JmpXyWt48aRzwnrejA3gjC6JLA5b2-uZi_M&sig=Cg0ArKJSzFxWIsj_P0JEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
DATA 200
OK truncated
/ Frame FAD4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61e68a8b26c061a5701283f3ccd7e086662e49a1e41c4b9969ca877e14dfa4d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 527F 24 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKx3NrMyWbz1-ORRyf16n2O7Dw4i54zItPckyVfQowM-oV6Ne3H1yRGzsCmn-BkKroSQ-gX0CH4xmTK4240FbDoR1SZvZBxvmXinhmvsXf1UxyAi3JgX8A3IRu6drSXg_z6TEDgnuWFd_xQboqMWc6LmjRMQ&cry=1&dbm_d=AKAmf-BOLmb31ydhqkdFfIhnbCoOyTZEdNR71iIHT6g9pGRfa20JKF4OEypBoOFuKBieTTAxJYzWJ0dyQGzc6Dg_oN1DJI8fWo-eSo31e38uC4Hi0gT1CmPp9-q6Z0J-EslDm6yiuRsNfRIiRzyzedPy6sFM_BCdpcjpiUFXNdUCBYuQGxiTAFRE2vVHP344pFM_6NESspn9rct9zVLEE-gluDySjJK96ZWcFfSTPiotiOC2TyEmFzgQhptcuRszDsLf4brHjTd18JEn-AoP1LmR-rCUPiJuU2-R_VnPKuaBpw-Zut8xWRZ0FGOLEv-o9G2GqeasZVEv3Xg6enWwDYTKOjLC0ELkglzKc8Qyo-jill6A90UwpT2cAKFTk291E9tgZlz-2sG60Aq3Pi6r5KD0qQfmoJ2dN9A-OYw90V-L93K1P_JuOotu1iBAtxfkiLsaM-hwjaSvpBgA4bbjlByEn_UJWu6WzKo8f45BWAnTadB_OMr3Vf1YT1DYv-q0jxVGVTCGlPbr24B_qovPeRwN9_IO2lOMoGGLxtL0CXmgioMtB-6UZpFOP_hRZqOK2XeMggrkU_iNCRlbhigNI3PJl605FksusyzgepHPt3P9VVxjw_U9AHDIF5T23tlcvFqy7Ia55njQYHbN9kBvgUTHGJUO-d5UR5GRv9zYa09U1C5kpZrCbbsAg3hVBkf7Wslw6YcP0gVWzPJBImeE6HpQ9tWOnCKIANuIUU2bvNpsXP8h4i6BoMjfByhR1cEB92GzyCuVmNIb8IVHH2DIK_SHXLyyvpHxlzXEln1E-6PMZNJblw_nhAiNlQkPvH8YyMm90o2mlq6_C9ESPbv14opkCOmiZ_WlKXXkVKduE3-wS5tkNppBV7j78hTCk-DCN0LSbsCypW04lJAJ1BYXTCPw-aKNM0LfqEytFRDHREEr22IY-AdDjcfpIPg3gFAhiGNgNIvkqYdCB-l5nxSieZrchoORZmPBepVZd5-tIycxUWesrfopNGPuTKW3gD5OpUMsvU7406TZ416H4xKQJlUo-NwjrGcmqpd3u1FetVcvJaVjrZbr3Vgl2a6sHR4XOEIeUBb_pRvnHTWFMHd1wrCYwjbBqIkpNDiA4ZevMmt4V8WLa8PnDvw1CX0df5lFsmUJhCNsfJm4Q2ayiSxhyDnlBKksPmtaMGaRShQRe1wRyrFZhadjtztD6XW1Fj6d2RiRofte-HIE0bfyLm6PheA9-yD_32n5gUtLWDTTQLP5knYEc6l_Fx3Ds-KxH7lmXM5bJ8MLn8OjYl116F5u53KMVUfisS1BTsoNtm7_f3JZ8Ef_IEmT1SCiheu-Q9rhp5zr_tnKE5zmbduyzvJZf2UWn63HiMzE-r9Ql3vRVEpyGybP1OrsRLqMZWeOIltq_9nRw4LqFnKoo9v4wB1wkPSew7z1r_zXAxZXu4_D6Ugz1xbJSf8CVRW7kKRocrkLcgQ4HwHXIco5Das8GPcUiWFd2kZk8kAdnFbBXb4Rzjccy1cWhuziZW9v4v_CudMi6_nIyRmgKBbLiiiNgWiI5b_6sN1gCDiCjB0XJWTcKe3brhuY8EMq75PezjXd6QarZ-e2qGIfT8xWxMARXPznP5-sTBzlHm3RmFN9vrWpbyHaXynhDTlnRhv49KEE7fvCcbIgbmAdEhD62Lb86Te0FCeZNhsHrQ_Cz3KQiKKQ9Moq8qJq0j4In_AZHvQEFdvOGiUI_XvKpw89odO9KBKcZ-gEF9IyXB__XPGPNVFUJx34pwAkR-ZVvfwKmnbzp2CT-AixCJsdvU17m7nsIwVW-MEQh-n7VcKu7CoPmHiKvrq7IhREaoZQ_biUC2FAOO0JVDhPbu2VHotaezfbrRhKM1U0Acn_mw24twQQeNCKZJYw_XExbo4ocT7Z8tyxvCxLxpvjZmQsTVBdHpyCi2ciI_EUPRWCj0ZfDMnc5c_SXq9TxkIU2BvJ-ZVzUjz1vnbRbngSOWJ9uBZbz6iL7S1a2WvYb8ju8Jm0Rt4POxNMasDgqrFt_dTpt_AZ2vbzUNNRuqH9z3gYXsnqKAp5f04iwjNC-pbprsbkzC9wchJ9eW9zhXXLUEs6cp2o0Ti9K_cshmFFy18CGGlkNIqQrMSK8Eu4PypHbBERMeqt6kMqiSh3nRiNy15VQVBw0DP2jvGwR-tedEnzD8Pc6evP0r-e4iCyVhTbKC1d0MUTNyNLv8t62tRoL057uPlzB7CuA7gGloRjtYwSfV8-5FpOjUzxwFwPfx5P9UJzsQSYHhpj6tD-cGAoUfwuIIVoyWt7QzXK-4WR-S-RaWwvj2uKubTafP1PiBhjIWpuKd7VFyoxD1tJ2Oswmc8j22nv2o1JIZb7W_a4vl6HREfHR0JetXjdSjF5XFhOBlDbbqXhzS2YacwBezgffSlaxcIL51N714W8Jh17YLj3IoUrqcBgUIJvuqCnNYlHAeW06udlQB70ZD1oTbXGghl39mhFqy0zBq-BgRJAbToBAmFfBR8zYmlFdFKdB_EPAijkb1mEpar-6PSYVOPpI9AS_ud8WoOlzhtW6b08f0xp1MbjyhmvvWuwM5SuJiKxvhsBu5-DTScIAlZ1nCkowNK3NQidROKHBvFIkXFrx83g5YO7aarqZYhjDUnvCk-fEEmdu3cApqDSzKBy4mXg_ZfNHlOzxrc--0ZgSM5uV5B7xoXjBcJ38P4DKYWgOx98wTWE4XuItIc4oq7ukFPJWFsx787axSNQBwX81a3D6zIEaz8MTIUTRtdH8P0zz92TunmeMZdIxcu2p9M9SaP_R1-Hl8xIMSSeYwI1vgRM2arQz7smmfBlGx-Fj2lDaCSiI13RuCDkRnXFHR5FoS2dIKIp1v8P418PU305g6IVmtqXgYgi4jQCLjfFBTmkzjx9uUBmljkNtSeECx6e_lnvcVWI3i08yhI7QI7DGEWi4iqClzXAuWFKlg5EDeg5XavFZFFbiHEnrgkluB0YzPIy8L2zGZYjrhn4YuJCiP_hJpVeUTIodcUF1E1cGsSl24wVjoxvHvivC_3eYwI-jKMBssOQB5jqwI882OZlOQfMKkTxHLV9LaImXHrh-MJOfTFcgwXGtmi-9PZdkqR3wTKrvWnNakSySJ_umUGrtCioP2Rf-opDDkvpdemwBa42Lk603VNkf8wkTRnyS4TXOPTzxowQTjdrnZRLA9-lZs9PMrfCwnzpkwgy-_62HY4FG8aoDpk111prswctf23sVwDAyF_G8bsA0hK7WU0muOzaV2ZusgYDY42Cr4MX91V17KE5vB28-qUp39OFtWef72-1fzzCAo0yzbzX5L5PHsUZhUareC9J_iDyQcUiZCS1P0Tth97x3ftgQFSS5A90xTokQ5e9WSNWDLAtBa2lORhA90tj_ODi&cid=CAASFeRodhPxrZFWrZXymK93jTImfXNdwg&rfl=1%2Chttps%253A%252F%252Fwww.uaua.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 527F 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 02:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 25 Nov 2022 02:01:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D5E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1&C=1

43 B
1014 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNWsg6cAml1-ey3VhKuvEdkglCx29lKUs7Cj7IR2kNnLFYlvCADrsLiTAjKVZWG8m-V4w5reebd1CJXZ31adK9VcmAioaM6pnjVG6aTfY4Nnu3sOc3BJEBwqdbdDkRk7SFebXEZHoiMpubRrv4nhxKehn8mwL3mSvdcHB6RKhpI6M8R1Ffs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 07:43:01 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 26 Nov 2021 07:43:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D5E6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaCQBWx2DtwfMGB40KvOfgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1

43 B
894 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNWsg6cAml1-ey3VhKuvEdkglCx29lKUs7Cj7IR2kNnLFYlvCADrsLiTAjKVZWG8m-V4w5reebd1CJXZ31adK9VcmAioaM6pnjVG6aTfY4Nnu3sOc3BJEBwqdbdDkRk7SFebXEZHoiMpubRrv4nhxKehn8mwL3mSvdcHB6RKhpI6M8R1Ffs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 26 Nov 2021 07:43:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuqqQTH4Bm1Thc9Ma-HEfE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D5E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECn1GGbvLuWXN5K_r5OzvP0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECn1GGbvLuWXN5K_r5OzvP0%26google_cver%3D1

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECn1GGbvLuWXN5K_r5OzvP0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENmL1rACGKKr77gBMAE&v=APEucNWsg6cAml1-ey3VhKuvEdkglCx29lKUs7Cj7IR2kNnLFYlvCADrsLiTAjKVZWG8m-V4w5reebd1CJXZ31adK9VcmAioaM6pnjVG6aTfY4Nnu3sOc3BJEBwqdbdDkRk7SFebXEZHoiMpubRrv4nhxKehn8mwL3mSvdcHB6RKhpI6M8R1Ffs

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c03a77ab-c66c-460c-944d-776645e15b45
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 829e540b-6fd2-4e6a-b6d5-c2b9edd87cb1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECn1GGbvLuWXN5K_r5OzvP0%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5E6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MTQ2MTc4MDA1NzE4ODYwNA%3D%3D

170 B
188 B

34ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MTQ2MTc4MDA1NzE4ODYwNA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:01 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9a34389f-d444-44fb-8de6-57244d9cd236
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2MTQ2MTc4MDA1NzE4ODYwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59F4 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Nov 2021 02:21:26 GMT
expires: Fri, 25 Nov 2022 02:21:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 105695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 527F 41 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 05:50:59 GMT

GET
H2 200 B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=1964084974;ord=27mifu;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC29UwBJCg... Show response
ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/ Frame 527F 61 KB
26 KB 109ms
60ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=1964084974;ord=27mifu;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC29UwBJCgYdawGsbI3gPO9ZyQBdiW8dhmvZPh4M0O8C4QASD8z8cgYJXikIKgB6ABo__PzwHIAQmpAuoXYq6v0bI-qAMBqgTnAU_QvDhI5Xw-2YMb4EoV6AUNJ9HftVriWu_ixC1bp8eB2LRayTTe-8CdDa0wOPkbwZEwhCaoaKNdWSbJKKZnpf84Ii2tAg3cOJXeTEsfGhmGjcldb-Gm70JXtkD7prIPvLg-Ar_Goul4OfQ3heHqoOXUKnRMYNSG9iaJUmJL1MJvSxW4u7jzKuCalfapeI3BB4UhLfkYr9e_AutS-B9PwK_YKJRss9Ecj5lba6geSnY_D8gnj2kJXyZv9_pfC0gPipJWb6I8kWBvW8UuTCi2fKVMzSYLqPn3VawlmvMp4NeDPBZ3nyFfZsAE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRodhPxrZFWrZXymK93jTImfXNdwg%26sig%3DAOD64_1nwcSC3sAI4RXOrVWRv4VO9Khvzg%26client%3Dca-pub-8057754752596164%26dbm_c%3DAKAmf-A7uOXfN6RX53GH___iuy9d9n_vi6MhboIIQOTeP1UuV_l_b23IO0OevdluqXvixJuTm7U3DbpAfD9NubHrxK2g9ETm_c-UrLGn4HXhE02ADTV7xEnvau05ed7AXot1OjXAOjfBTTDlSNJ1nizvTmFsQny-qg%26cry%3D1%26dbm_d%3DAKAmf-DcnUXMdoHde3_iVAEqGf_Wrhqaein-IHjcOHDD6i9BmJox9bi5xW4aallxzqe4CHHNpphgnLXMnr2OOAV2j5NKkOd6MauWQER9y8L-5uCqzz361qRExcPiIyA_m3tswhPpkr7Lyr5vhNHeV1ql3r4I-vGUeYFEZ7BYrKoLMSGeJ3YtbWPmH_aLjInX66pE2nZwS69jcLvV904P4xfzifFQiuMFVfSdxcr4vSWc7PEsB_1LYbyz-zq_A-AMARujC2-k_8xdRy0FXs6bMiB-EQbJNWFehqqeEEebgUuWzg5hp-deYLgnk0DbJeyO8JM4TrWQx8IKANdinPYcWGWSLqEUNu9vXvcxZEqIItxrtub_r6AOV3P1k6i0TjiC9H0DpOalHZhRRh68rZE9cfFI4hq8sD8tud74VG6l0fmjPqdGfPljwbaCg2-cEye0SZ1sLPjOZoIe%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.uaua.info%2F$0;xdt=1;crlt=0W')aky5T(;sttr=21;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

b82c3d589a5a85b83057fb5fe46e52f6a240565b0235d23d577c01bf774f13ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25945
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 59F4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 17:25:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 527F 169 KB
59 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
Origin: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 12:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 12:48:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 527F 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N238002.3886603PMPRECISIONDE/B26292404.316897482;dc_ver=81.235;dc_eid=40004000;sz=300x250;u_sd=1;kw=15083772455;dc_adk=1964084974;ord=27mifu;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC29UwBJCgYdawGsbI3gPO9ZyQBdiW8dhmvZPh4M0O8C4QASD8z8cgYJXikIKgB6ABo__PzwHIAQmpAuoXYq6v0bI-qAMBqgTnAU_QvDhI5Xw-2YMb4EoV6AUNJ9HftVriWu_ixC1bp8eB2LRayTTe-8CdDa0wOPkbwZEwhCaoaKNdWSbJKKZnpf84Ii2tAg3cOJXeTEsfGhmGjcldb-Gm70JXtkD7prIPvLg-Ar_Goul4OfQ3heHqoOXUKnRMYNSG9iaJUmJL1MJvSxW4u7jzKuCalfapeI3BB4UhLfkYr9e_AutS-B9PwK_YKJRss9Ecj5lba6geSnY_D8gnj2kJXyZv9_pfC0gPipJWb6I8kWBvW8UuTCi2fKVMzSYLqPn3VawlmvMp4NeDPBZ3nyFfZsAE_5bD4t0D4AQDkAYBoAZNgAfFgLCwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT94WjDcgTvLbV3gPQEwDYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRodhPxrZFWrZXymK93jTImfXNdwg%26sig%3DAOD64_1nwcSC3sAI4RXOrVWRv4VO9Khvzg%26client%3Dca-pub-8057754752596164%26dbm_c%3DAKAmf-A7uOXfN6RX53GH___iuy9d9n_vi6MhboIIQOTeP1UuV_l_b23IO0OevdluqXvixJuTm7U3DbpAfD9NubHrxK2g9ETm_c-UrLGn4HXhE02ADTV7xEnvau05ed7AXot1OjXAOjfBTTDlSNJ1nizvTmFsQny-qg%26cry%3D1%26dbm_d%3DAKAmf-DcnUXMdoHde3_iVAEqGf_Wrhqaein-IHjcOHDD6i9BmJox9bi5xW4aallxzqe4CHHNpphgnLXMnr2OOAV2j5NKkOd6MauWQER9y8L-5uCqzz361qRExcPiIyA_m3tswhPpkr7Lyr5vhNHeV1ql3r4I-vGUeYFEZ7BYrKoLMSGeJ3YtbWPmH_aLjInX66pE2nZwS69jcLvV904P4xfzifFQiuMFVfSdxcr4vSWc7PEsB_1LYbyz-zq_A-AMARujC2-k_8xdRy0FXs6bMiB-EQbJNWFehqqeEEebgUuWzg5hp-deYLgnk0DbJeyO8JM4TrWQx8IKANdinPYcWGWSLqEUNu9vXvcxZEqIItxrtub_r6AOV3P1k6i0TjiC9H0DpOalHZhRRh68rZE9cfFI4hq8sD8tud74VG6l0fmjPqdGfPljwbaCg2-cEye0SZ1sLPjOZoIe%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.uaua.info%2F$0;xdt=1;crlt=0W')aky5T(;sttr=21;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 07:27:45 GMT

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 527F 187 KB
60 KB 56ms
9ms Script
application/javascript 2600:9000:211e:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/774473/57793669/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 295303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: dVwFkDDsUMAuxzSCVWw2nUsg4dVk4vDUT9Ngq3kHoHrDEGy8o1Z44Q==

GET
DATA 200
OK truncated
/ Frame 527F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e415e46bc54ea3e5586d35e20a9973930d57a5af6a1faf54a9bf622176278da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9954 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Nov 2021 02:21:26 GMT
expires: Fri, 25 Nov 2022 02:21:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 105695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59F4 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkzpSBZCgYczTKPHZx_AP0eO7iA8AAAAAOAHgBAI&bg=!JiWlJWHNAAZQLpa_UC47ACkAdvg8WkczOI0_L3e_ouOuEmKUzWkUVRO_vDUq0lEqyiWBiT7xRQEIZgIAAABaUgAAACNoAQeZAsWQnmTVZSqUpNfZ1BE_cc7Ru_ZtvMQAj_MSEZr28kSWnnVMVvBrFa4tahanaZFDZ6d51qnxN4CPcq1dXJgEOR_FgaAp4Tv4TtnBaa0AEiJ2g8wRm_tPTiHDIc_Z3NGr9ndaHzemlK1nOECEl_KG29wT4ekiNPC1_eEv17z20DvLVqa3OFMb91oBgZwXbNdjkUUU3mxxRi-O7U4LdI6VwI0VboBm_SLKuwtBT8KSdGx-KVym5OQB13cR85jMoF8kEVIqNq47AKi2HzvMcwJftZVOXnwFEs_KAetoVXsGe4glGRjHJ5Rb-nhH2t9Ppb22OWHX6Wc2GL7IplqpFUmA9CYExpVuqdP-vNJhMd3p67oLtTD2xj3ldfjJ1vwSDFMy8hGMw9XWThTfQ_6pVYubQ68aBXXzSkA0WUVBoC00t7OSgE39NeiRdxmbA5UBlHYcD5M8cxh-gvC0ISceka8vZo9c24kXLrEK5Sc8JrFic15didZHbvcv9MsZPo5fbSvqaRjN0vpMn2ya1apeSqgZFum-EI4k3K2pf8fX86JK5Cz6FyynDY5xFYMumlvPYMq32hd7gSufDbHdrOjfX5xizqJbKkSnqqT90OZIc644idVojz6PqCefDFt_r-zEQZG-m12gAm4xrfxu7nyVnt00P_ukPNLO5x3MmkWXn8lZWTclt222cyaSoNFReEQMtVzBBLOXs88FZcOHRpDWoIKns2IFuRy1Z03enXjH9gJZeUBkk88KrbkcbSYjzNzRApEtk8ayvbXE4AodVM9tB8Y239Woojm4PBYu13RX2u3xn3nq0jvgvhr8UelWcOovsxT41qVQL78zC2ftjt3NfKdAFJy_naYwfJMQjiiPecsjFaSjbNJdM_TRFc_JIRNj9SLAV6V8eOZVXQb6b1QjR45pk9Hh4raHTVM-7YCvJ29KoTapHOHvyTvB

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9954 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 19:39:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame E843 10 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e7e796b2d6bfc1b3d455c1c3a6219b15d3570aeeb1e30f49b376be8e5efcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3081
date: Fri, 26 Nov 2021 07:43:01 GMT
expires: Sat, 26 Nov 2022 07:43:01 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 527F 0
524 B 69ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTVp3ot1y57r1rHJ_QS4gzkXXxLzpTNXg5lr-H_mmxSrjogjBrmXYnUGCpS99b6X5Wecv9MsLJLeLThoHSZpv_4qrYROSORC370R-VnYspRydivzvLbGrBkCSizJv648j0v3440KTUEwr5BlwBitjI&sig=Cg0ArKJSzFVQBgKPefILEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=63&cbvp=1&cstd=56&cisv=r20211111.75981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 style.css
s0.2mdn.net/sadbundle/12595753840344563712/ Frame E843 7 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

992d4d6b7fc5fa7f331c55ea8081376e031d2785411a6584010f48e94c5f4ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1662
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 14:54:34 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E843 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 15:50:37 GMT

GET
H3 200 CustomEase.min.js Show response
s0.2mdn.net/creatives/assets/4314432/ Frame E843 7 KB
4 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4314432/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e828e6ad4d3fd31aff91f5e557efbbd3eb175eecd76de5fd226ceb94406151e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 07:50:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:03 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E843 60 KB
24 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:43:02 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff
s0.2mdn.net/creatives/assets/4313292/ Frame E843 55 KB
55 KB 12ms
11ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f507503841f44ee6ba0104d59b7ce4a80162d2cb809314d6c15fcdf089b0e4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:00 GMT
x-content-type-options: nosniff
age: 722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55954
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:00 GMT

GET
H3 200 EON_BrixSansWeb-Black.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame E843 43 KB
43 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Black.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4d5008015a20efea096181df1f1964538b745ea638a4197514d05b6c2341a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:01 GMT
x-content-type-options: nosniff
age: 721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43744
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:18:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:01 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff
s0.2mdn.net/creatives/assets/4313292/ Frame E843 58 KB
58 KB 17ms
15ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941a3724badcabfe2080512c8f398df7626d38270e8f76c253666356955f3dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:01 GMT
x-content-type-options: nosniff
age: 721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58905
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:19:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:01 GMT

GET
H3 200 EON_BrixSansWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame E843 45 KB
45 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9a0f95ede822b1959d214ca0189f6b6390c3196696d4e54ea9141bc200cea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:01 GMT
x-content-type-options: nosniff
age: 721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45704
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:01 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff
s0.2mdn.net/creatives/assets/4313292/ Frame E843 58 KB
58 KB 20ms
19ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c324008782d78640ecf39d78c8e7c12f7bc1fca88fdf78eb778a51916ab4219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:01 GMT
x-content-type-options: nosniff
age: 721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58883
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:01 GMT

GET
H3 200 EON_BrixSansWeb-Regular.woff2
s0.2mdn.net/creatives/assets/4313292/ Frame E843 45 KB
45 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4313292/EON_BrixSansWeb-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0c47ebaa25efb04b800f2c5a886a2b14e7d812858b49a2f9e9a24cbdf42f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:00 GMT
x-content-type-options: nosniff
age: 722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45764
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:22:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12595753840344563712/ Frame E843 8 KB
2 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12595753840344563712/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66c77d8ff2941db7db72681bd8d20a098471a512bfaf2df207bac6b764fb1e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1976
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 14:54:34 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 527F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/774473/57793669/skeleton.js?adsafe_url=https%3A%2F%2Fwww.uaua.info%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa3f87731474ff8b878d4bd97c05e1bd3.safeframe.goog...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

7ms
6ms

Script
application/javascript

2600:9000:211e:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:211e:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
age: 12265626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 9fQFhZVeybfAeTUZaMmL24vVZjSp-jRKQR-kaU3-rg3gHR5a4sepIQ==

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:02 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1146 80 KB
21 KB 7ms
7ms Script
application/javascript 2600:9000:211e:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 4836872
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: ejfA_QAEeNN6523KVpQwyzMhSMKg5ifHiKRf778RGktmmf4PprJA8w==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 279ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3But2,pingTime:-3,time:169,type:v,im:%7BpBlk:150%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:134%7D,%7Bpiv:0,vs:o,r:l,t:169%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:169,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 300ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3But3,pingTime:-6,time:170,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:170,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.uaua.info*&br=c
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B161 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.uaua.info
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.uaua.info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 26 Nov 2021 07:43:02 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 283ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3Butq,pingTime:-2,time:193,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:39,bdZ:178,beA:280,beZ:281,mfA:400,cmA:402,inA:402,inZ:405,prA:405,prZ:409,si:414,poA:415,bl:430,poZ:430,cmZ:430,mfZ:430,loA:449,loZ:451,ltA:472,ltZ:472%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:134%7D,%7Bpiv:0,vs:o,r:l,t:169%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:193,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B24~0%5D,as:%5B24~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:57,readyFired:true%7D&br=c
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
DATA 200
OK truncated
/ Frame E843 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3541a291c616524557d75d04f5bf296fca63f3ee5ca5df78e045e48eaba9dcc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E843 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887a71da48b4df1b36827f3437af336dc249878d36e97634328534860a0c0ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-i.png
s0.2mdn.net/creatives/assets/4313155/ Frame E843 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4313155/icon-i.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d31a55ac6a80651bdcc96fcf6ad9feadb814068fd6e9a7ea601d9535ab181f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:31:06 GMT
x-content-type-options: nosniff
age: 716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 16:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 07:46:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 527F 0
23 B 58ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTVp3ot1y57r1rHJ_QS4gzkXXxLzpTNXg5lr-H_mmxSrjogjBrmXYnUGCpS99b6X5Wecv9MsLJLeLThoHSZpv_4qrYROSORC370R-VnYspRydivzvLbGrBkCSizJv648j0v3440KTUEwr5BlwBitjI&sig=Cg0ArKJSzFVQBgKPefILEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&vt=11&dtpt=162&dett=3&cstd=56&cisv=r20211111.75981&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.uaua.info
URL: https://www.uaua.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E843 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f95ecbb72779dfccb049e97a3196b8d238f828538ae5926fbf49086e1a0e2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 07:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5306
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E843 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 07:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 07:43:02 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6552 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.uaua.info
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.uaua.info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 26 Nov 2021 07:43:02 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame CDAD 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 17:25:08 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 227ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3Buvm,time:313,type:e,im:%7Bimprf:%7Bttecl:480,ecd:7,tsecr:45%7D,pWait:4%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:116,o:197,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:i,t:197,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B116~100%5D,as:%5B116~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9954 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHMmzBZCgYZXLMuDC7_UPh-Se0AQAAAAAOAHgBAI&bg=!JCelJ2PNAAZQLpa_UC47ACkAdvg8Wjnzh-YpKVE-YCodMM5VIUZqbmS3tGjSlpOSs4lyv2MRLIa1gwIAAAC9UgAAAAdoAQcKAJhXWIwt0wIsuL-wnGYWzISqjfHENG5NL0oCKCxvo12LgJtj9_TPOFgHMY_kF2a0gg0pREmOfjtKCKprw7PuKuTsPyHeuuyfTucmRwFDtyt4Yro9XkgdrnrtW8Nh3dcJuB25ik3vJ-bBkqpXmQM0oc0RIZv-4FtLovYR0UJ93h-baRcz6qc-caq7SIZfmdLF1M6U8MhRXyF8kJkC0kE2lK0Kv_TytbrQOkBHllbh13fJd_6iZs1LPE77_-wJm39WpQjDZCS5m9hP4E9cO5Xa0gdvoTzbPmeRUCqwUaEeQopQ-FP45zG8BxSAXLvRkyH86R8SjVIvgOiIviTfXb7xMEuivZ4eSNEr4NGQwdqg46XzOk44OsT49DB0DeKspD26ikAzbX5Y9i5waYqEuXeeJ3rV2FF78hjsuVuvGnX29iQi_8kzghtEEmU3KzrajX2joe9yc6DUs0Dq-218HgJCjACa2z6s7Tk61UPkRANmD7yLYzRiToKZYaFwZ8eLkkxP09tX2kDXBrsmWNT4lPhhICivAjOw8j6ZGLiF4Z9L9-E0Yb9TX457GjsArkLEHOujH2kPFtEDstHT38g2LtdmywPLrHfRB7aoDd3ycH_WSwamWYvOtAVUiZsIm3ALpdV5NAgMkZLa0P5QGgb-oqiTErnj2ijPlsB7oSoWFsKgMbEDBvpblYssStdHR1b5vn72HWbpmRFervmNoIl8u1H_xoeFIcnE8gkp6aKOIxIkTr2qEudbr0kJvyic9nAg1MC7u4dpFeNWLVefw0amaKwT_qxRAmlTKxRbGCXDepTKsGrLUZjmM2vdX1g1zNrtyinG6CExuUcqXle_1n-KtYteBUoh2ogeM-LZf7PLDh0fnpcI5pHZ6kjOvp0nOwiHkI08zvLY81G_cvwo5UVV02mlACm4b-zImkANvcyq_tpu6nZc1fc580mGB1wOmFZ1SwGMhVW9-Dwe_f8zCwY8mhY735hgVZ5L4m3xPXopQtE-oGnkJamSCBuWwKtcrxlL0X1vqIwtwMRDya5vd50g-xWt8MnRQLwMcrXaSolsV1tWRx9O0Fmis2Bvy-haIbQQ3eOZS6yfDicAQkcHCxxaVL9biu1eQVAZg61kkFm5eFe5tuYmpmxFQe_bBC00BcSkgnyPvjjpd3-PtbaDdsJ7OmHl

Requested by

Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 94ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3Buyc,pingTime:-10,time:489,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1637912582376%7C%7C7734527a5a8b06691366e1ba888144c7%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C6f79649b65526699f935fa3d9ef4dd73%7C%7Cf69559fd90993cbcd0873392641a1135%7C%7C414ab91db21d70fce3a6d8963a83e95b%7C%7Cb1cd40a532404c6682927f9cc4aa38d9%7C%7C6c4e671018c4aabb288e9ecd18d1f94b%7C%7C1629390669%7D
Requested by: Host: a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
URL: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame E843 24 KB
24 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen3-gut-300x250-push1.jpg_1637231250575_sparen3-gut-300x250-push1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb299018945d4762f93f77abaaf56379fe5a7a72bead6e62fd45f8ad26860ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:54:26 GMT
x-content-type-options: nosniff
age: 578916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24901
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:54:26 GMT

GET
H3 200 sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg
s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/ Frame E843 9 KB
9 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10898736/s0.2mdn.net/creatives/assets/4294625/sparen-300x250-push2.jpg_1637231250575_sparen-300x250-push2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c50271fbe7088cce553c0dd7c52606c6b4f706188d979320adf6a685ff1d691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12595753840344563712/index.html?e=69&leftOffset=0&topOffset=0&c=U0xKnoi9HI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:54:26 GMT
x-content-type-options: nosniff
age: 578916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9302
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 10:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:54:26 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 95ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3BuAl,time:622,type:e,im:%7BpLoad:587%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:425,o:197,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:i,t:197,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B425~100%5D,as:%5B425~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:02 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAD4 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiNW_FGUm7vRTVsN15WVxYrSeTYvBge3dEdYgMylXVJREFzlfb6jqMmXRyo2wNX_elWSZLW7lGDcJSDti8qYouLRK31iU-Y-Cev8HyZmtDbLqx1kPg&sig=Cg0ArKJSzGLFncl6IbXLEAE&id=lidar2&mcvt=1000&p=462,970,562,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3933641206&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637912581617&rpt=85&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.uaua.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 527F 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJ4zXetzIBzHXZrY7mDnkI_99KZSr_LyB44R0B_JJDaxid16gYu93kOnVskAsB-s_HTRcVwp57CAmKArOWB5SsWtbRodiPNZmupkIr2tPeyGbbqrBycw&sai=AMfl-YR6dS7N1BNOYDXZC9RLREeeIOiZENayx8X9xBs5kiJ1qurAPEZPd3ApfDu_ybIIQ-amu_sQG6cYOzNehnZVpka2nsqE2ROUNhJV10T2lc0xybKJxthFqV27Ejh3a2X8&sig=Cg0ArKJSzEcRJteRcF72EAE&cid=CAASFeRodhPxrZFWrZXymK93jTImfXNdwg&id=lidar2&mcvt=1001&p=192,970,442,1270&mtos=929,1001,1001,1001,1001&tos=929,72,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4146076240&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637912581608&rpt=293&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 527F 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvsapJBxxQmNfGklwVVi80JAOwGMy-lr0KZMWho3kHFFRypA0lgwC7XI7mXWuVOuSynJSXk2pfXYtronIu8_FaYo4e61jSa7I&sig=Cg0ArKJSzIVSdzek0sZPEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=1964084974&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637912581608&rpt=367&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:43:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 97ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3BuJC,pingTime:1,time:1197,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:134%7D,%7Bpiv:0,vs:o,r:l,t:169%7D,%7Bpiv:100,vs:i,r:,t:197%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:197,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:i,t:197,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:03 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3BuJD,pingTime:1,time:1198,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:134%7D,%7Bpiv:0,vs:o,r:l,t:169%7D,%7Bpiv:100,vs:i,r:,t:197%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:197,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:i,t:197,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:03 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 527F 43 B
301 B 97ms
97ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=774473&asId=3068bf6f-43e6-909d-3ab2-1a7baaefc9e8&tv=%7Bc:v3BuJD,pingTime:1,time:1198,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:134%7D,%7Bpiv:0,vs:o,r:l,t:169%7D,%7Bpiv:100,vs:i,r:,t:197%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:197,n:168,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:134,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:168,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:i,t:197,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sPR0gZ9+11%7C12%7C13%7C14%7C15*.774473-57793669%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 07:43:03 GMT
X-Server-Name: dt47.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dm.hybrid.ai
URL: https://dm.hybrid.ai/bobid/features

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.uaua.info/	1970-01-19 23:28:32	Name: onlyMobile Value: 0
www.uaua.info/	1970-01-19 22:58:46	Name: XSRF-TOKEN Value: eyJpdiI6InlFcHFUQ2VRaTJFTXdIRmVLRjNHRnc9PSIsInZhbHVlIjoidXFJRmg4QUgralFVYSs3UGIxOEorQUtqZ2tDa0NYNEVxd2FydWtHMTZCWnZtNndjYlwvZTF0eEhIcXZnNUhPR3lFdHFVVXhTQ2l5SE5YdUdsS2FUOUpnPT0iLCJtYWMiOiJkMTgzN2E2ZTNiODYxNjhhZTRjMWMzMWE1NjhiZThjOTcwMWI0YmM5MWJmZDJjZjQ3N2FmZmIxNWUwMGE4ODNiIn0%3D
www.uaua.info/	1970-01-19 22:58:46	Name: laravel_session Value: eyJpdiI6InFUNzFTOXliUGRBNjVWUSt0TDk1b0E9PSIsInZhbHVlIjoiY2VxXC84TXhpbXNrYjRuNDlxVk1DdDE3bHZMQ2FUQVZmaWU1QTVSWDdcL1dzeHhRUVV6akVob2lDU3MyakxmNXNWTnBZd3RocURCQ25RMk9nSHp2VTFXQT09IiwibWFjIjoiNjQ5NWM2YjQyNjA5NzA0ZjZhZTk1YWMwMTVlNmEyYzJmZDk2YmZhOWQ5OGU1MzYyOWQ0MGE0MGRmNGNiNTA0OSJ9
www.uaua.info/	1969-12-31 23:59:59	Name: b Value: b
.uaua.info/	1970-01-20 16:29:44	Name: __utma Value: 38145660.153117899.1637912580.1637912580.1637912580.1
.uaua.info/	1969-12-31 23:59:59	Name: __utmc Value: 38145660
.uaua.info/	1970-01-20 03:21:20	Name: __utmz Value: 38145660.1637912580.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.uaua.info/	1970-01-19 22:58:33	Name: __utmt Value: 1
.uaua.info/	1970-01-19 22:58:34	Name: __utmb Value: 38145660.1.10.1637912580
.uaua.info/	1970-01-19 22:59:58	Name: _gid Value: GA1.2.880369151.1637912580
.uaua.info/	1970-01-19 22:58:32	Name: _dc_gtm_UA-21312970-38 Value: 1
.uaua.info/	1970-01-19 22:58:32	Name: _dc_gtm_UA-21312970-39 Value: 1
.uaua.info/	1970-01-20 16:29:44	Name: _ga_883FW2Q2JF Value: GS1.1.1637912580.1.0.1637912580.0
.uaua.info/	1970-01-20 16:29:44	Name: _ga Value: GA1.1.153117899.1637912580
.yadro.ru/	1970-01-20 07:43:30	Name: VID Value: 0hiLH92EKnuD1Xe9040007y-
www.uaua.info/	1970-01-20 16:29:44	Name: GN_USER_ID_KEY Value: ce8f65c9-23c1-4eb6-b227-3e8e67346f32
www.uaua.info/	1970-01-19 22:58:34	Name: GN_SESSION_ID_KEY Value: f2739529-3026-4a3c-b0c4-c706bfc56030
.uaua.info/	1970-01-20 01:08:08	Name: _fbp Value: fb.1.1637912580531.1785898890
.facebook.com/	1970-01-20 01:08:08	Name: fr Value: 07Xmv3TvviPeZ0Am1..BhoJAE...1.0.BhoJAE.
www.uaua.info/	1970-01-21 02:45:12	Name: lapuid Value: 21b61974-0fe8-40f1-8a97-b514c63ba2e5
www.uaua.info/	1970-01-19 22:58:34	Name: session_id Value: b94de4d5-b8e5-4730-a9f9-73b5380f6a6a
www.uaua.info/	1970-01-19 22:58:34	Name: session_pageview Value: 1637912581.1
www.uaua.info/	1970-01-19 23:41:44	Name: site_visited Value: 1637998981.1
.adriver.ru/	1970-01-20 16:29:44	Name: cid Value: ArfD4v0V_hFAEGUvNxBEEJQ
a4p.adpartner.pro/	1970-01-21 02:45:12	Name: apuid Value: 21b61974-0fe8-40f1-8a97-b514c63ba2e5
a4p.adpartner.pro/	1970-01-21 02:45:12	Name: apudmg Value: 1
.uaua.info/	1970-01-20 08:20:08	Name: __gads Value: ID=f3d8e60bbd938713-224f3c9002cc0094:T=1637912580:S=ALNI_MaMqcjcroxWPurTgMWdGpYv4d5xiA
.doubleclick.net/	1970-01-20 08:20:08	Name: IDE Value: AHWqTUmBnB1-yH63abi1SYeng8r3QINlP-u5k1cRomPzi1VpKKoQk1Ka0qO_OWv755w
.casalemedia.com/	1970-01-20 01:08:08	Name: CMPS Value: 5204
.adnxs.com/	1970-01-20 01:08:08	Name: uuid2 Value: 4661461780057188604
.adnxs.com/	1970-01-20 01:08:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQXSjs#!1yIE`fS1ueD1W-044)d+]Uf_FFahX@=D-y-tYgx-JIDFC[DpP.SMbr[P%B5.g4dkXstGt!@HeM)U!lQ
.casalemedia.com/	1970-01-19 22:59:58	Name: CMST Value: YaCQBWGgkAUA
.casalemedia.com/	1970-01-20 07:44:08	Name: CMID Value: YaCQBWx2DtwfMGB40KvOggAA
.casalemedia.com/	1970-01-20 01:08:08	Name: CMPRO Value: 1150
.casalemedia.com/	1970-01-20 07:44:08	Name: CMRUM3 Value: 2d61a090052760CAESEEuqqQTH4Bm1Thc9Ma-HEfE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.uaua.info/(Line 1253) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v113355&s113797&t0&c1&n308005&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.uaua.info/(Line 1253) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v113355&s113797&t0&c1&n308005&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3f87731474ff8b878d4bd97c05e1bd3.safeframe.googlesyndication.com
a4p.adpartner.pro
ad.adriver.ru
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.gravitec.media
c.bigmir.net
cdn.gravitec.media
cdn.gravitec.net
cdn.sendpulse.com
cm.g.doubleclick.net
connect.facebook.net
content.adriver.ru
counter.yadro.ru
dm.hybrid.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fp.hybrid.ai
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.bigmir.net
ib.adnxs.com
img1.uaua.info
masterh5.adriver.ru
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s0.2mdn.net
securepubads.g.doubleclick.net
servers1.adriver.ru
ssp.hbrd.io
st.hbrd.io
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ua-content.adriver.ru
uaua.info
web.webpushs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.uaua.info
dm.hybrid.ai
104.244.36.20
142.250.184.194
142.250.185.226
142.250.186.98
146.59.18.237
193.239.68.97
193.239.71.100
195.209.108.38
2.18.234.21
213.174.135.1
213.174.135.2
216.58.212.166
217.16.18.206
2600:9000:211e:5400:8:48e:53c0:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a02:6ea0:c700::1
2a02:6ea0:c700::4
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:e5:face:b00c:0:4420
31.28.167.67
37.18.16.17
37.252.172.249
52.174.47.89
52.212.254.206
62.244.10.86
88.212.201.210
88.212.240.204
00fcfd9db06df0f607122c0b8462339cb4690e49e35a40313980eb53ee0a3a73
011e9acd4664b36779a9e5c51b8313a80c4cafba317952ab01bc6ca7ea3b46d4
0132266e721e15b771173934d3af6ad2d614bb0d34fbb1f3d413a9239a6a7433
021f273dabe9f57dba75e3ed22cc97e1d93ff26b27f221507c08f2c50bcd152f
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06fdd873de7ce654410b703e2186a6010d1c1d85a76aaaeb9982e4ce9634afec
083e4c7fbc851be00dd7190e15deaff4cb70933cac1edd5752e6793c753950a6
08b54658c816f1537466a8e674f3710ca6ea559af8af1a3d3e5b1de7579e96e0
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de864df0780a2ba0d39903bcbb81c9496cd219eb1b004a9a401e5927a2357cc
0f791a2c17a181baecc5e75e58b1b115c41c00c5a8f0c522336c72d6173234fb
0f95ecbb72779dfccb049e97a3196b8d238f828538ae5926fbf49086e1a0e2a3
104865e1fcbd53d2617133a3f11fe844562cc5b819fbd0df5961e6c6eda48a66
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11eef7ee65ec70e3faa438abaa3a446cea0c1478cbeb45914c05d7464a5ef342
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fffbdae0bba05b0fb898805e2e8e1ec67a44b29b04bf2f84333c30cdbd6a4b
16bb9ba914b0349a790887b310cb59deb6f2877eaa6d03d776bac0eac4c9c6e0
1983522fff0a407fc3b2763241976ebd3c1833be613b7b976412a2f84ba0adb0
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2047ca7806b07236034a12b61969ef614d8d685470d1f4724a0e8af54408f58f
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
247b0b862f4f3b4a07e4053c1e2c48b422f12e9d89c3c3aa482555cc7d4ea173
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
267312212c37ded7e07e71d134b1d3927dc91b973359719760eccfefb95c284d
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
294ef05f7abc4b80480d6a3ff65b7bc3bb42cc69d8c20cb31008b5ea11ea35a4
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2d0c47ebaa25efb04b800f2c5a886a2b14e7d812858b49a2f9e9a24cbdf42f4a
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
313eff82599625975f2f33218a16c5850c6a24940f4969144dff030c636f4786
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3541a291c616524557d75d04f5bf296fca63f3ee5ca5df78e045e48eaba9dcc4
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3877ef4b1ede5982a9557558b81d21b5367c012f806fdffd1ce1955dc4546384
3c50271fbe7088cce553c0dd7c52606c6b4f706188d979320adf6a685ff1d691
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f181371a6525a1011821cab77b0e2bff0b30c04376e05b52972930a1c407033
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
409a40cfc4fa8cd0853f815a19f00bcbc7ee1d425c3cc95e45e471986b6da727
412fd1e0fedad522c5652031ff52639d51b6aac5559c2b2418845afc80c08835
485e89a70c2eb2f522dcb088bccac70655c09a0bf532ce366a78c1994388a150
49bd7eec18d0abae0a20206225d056ee791e78821248b419119e723d6d4d1600
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc8433b4f058f2277a693e60a0967161ff4c0621d1e04fb4835e0b00176a261
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5144319e511c20e5f322a468f7235624551c9c518c6fd5b2b3a6e38669d107bb
51ad3908bb0b147da868771c7051215702e3dd5389e26ddb53e72b41caee05bb
525fb39c8f6a5e767c350be0efc428fd1f970ff60b5e7989f52a9a030d406553
55220d820609c10413ed4a2f9fe3085112f53a429666b14f130536728479a8ab
5542d12e2e297bece853aae77a184c86c8fe0ca691cf09e1898716bb2661a8e9
588859b7231b966294409e7edb1dd318142c5f1e3d8d2c258f717d988cc01c1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5f4d5008015a20efea096181df1f1964538b745ea638a4197514d05b6c2341a9
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61e68a8b26c061a5701283f3ccd7e086662e49a1e41c4b9969ca877e14dfa4d2
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
66c77d8ff2941db7db72681bd8d20a098471a512bfaf2df207bac6b764fb1e42
68aea4934f75c4e582e03920356a914e47b12457dc6ee22fd0267673cff49773
6b24bef701d436966595d7c759661d36354715e0b4f11cd219a2b7bd10de39eb
6b923e2ad6a7e412a6d5ff238543bb28540a6ab53cbea2f7ea6ee5a43da8b952
6ced124b732ba6de9630611bf77c30571d59db868c063ab9b17a73535a9a2027
7170b733d833751c5a054598db93cb06aa3573194556a1adfd242e6c271632c4
724054d6ba09e989bd115d3b8af9b3eb74fd3a49dfb520c5aa715fc81973f8ef
7389b6c81ac373383a907311db0050a72016075bfd56662a62adb423a14fc9e1
75d0b3500bec5c90fc77886c5e3647c13de7b695b77b7001e3f767b85039d7b2
7c324008782d78640ecf39d78c8e7c12f7bc1fca88fdf78eb778a51916ab4219
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7e415e46bc54ea3e5586d35e20a9973930d57a5af6a1faf54a9bf622176278da
7e5f393885b9882bce8b35ffa2f1281ed5662bc1d3c9358e24576de435458dc6
7ed5553377d2f30f1bd853f75f1d305017c4b6b64673b7527947999f8d11faa0
7f8e7e796b2d6bfc1b3d455c1c3a6219b15d3570aeeb1e30f49b376be8e5efcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8413922a0b540fa9d35fc4394faaf22fd99483cc74c223c90acd3cdb74abddb1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8719e02a894e1813d02ca2ba384f11e93f73f06f85cf3fc0db55d8045ed204f2
87c922d1f681b686fc57ed8df35145aa414426a26f3265b4db3d90c21d77c965
887a71da48b4df1b36827f3437af336dc249878d36e97634328534860a0c0ac1
8a60f9afc97c2bb4df0dec75460cd0ca83b355e178fbd01004a591d276256429
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aa3f87956c6328a45787ea525797b32966fb3ee6f326632cc88e16247d97f19
8ae8fb7d5086876ba7be99519212916b810c082b21328b1df9fdb82e062ec12f
8d31a55ac6a80651bdcc96fcf6ad9feadb814068fd6e9a7ea601d9535ab181f8
8f6dd40e6bdda249dd82ea2ab1a2cb3dea104dbcd762cb0813397d8756794186
90250c50d0b951a8e5ea9a7b7d838a97abfc94c7c057fd764e6167c82a649108
941a3724badcabfe2080512c8f398df7626d38270e8f76c253666356955f3dc0
959ac63a5eafa273aeddab46e85e17a1f4883ea0e6d22a1da6086bed8fad1ae1
992d4d6b7fc5fa7f331c55ea8081376e031d2785411a6584010f48e94c5f4ae8
9d195888bd560fef1acea270d3308c52ce951ca24e084d19e7accafc94584e68
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5541969d06300c5d5931fe089e6fff6197ec0ea984637af1b98f8b3f30788d3
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ece6a67ed97b939806caaf2656ecad66b6c7a0c18b674b7fca747d9d9d9bd8
ac174589a5d24d6d23bad4cd2fe6defd196f3542883297e5b10e03a58963c33f
ae6c17f6a293dd9309bd35c8e446f02bfe964fc261abb8cee46c5eae990dcf4f
ae9a0f95ede822b1959d214ca0189f6b6390c3196696d4e54ea9141bc200cea8
b01ad27ad950588f920dd4770891324a88bb0c09f18ea0276bbacc122b8e895b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199607d6ae86cfd29170bc82cb358c9a423d4510ff374f5c7733222c2e78fbf
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b64f9137e2776309b3df167adbc4a945178b6e8da8f44e302f568aed58ac2ea6
b82c3d589a5a85b83057fb5fe46e52f6a240565b0235d23d577c01bf774f13ec
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bbd422bff2f3ad365a64f3f6b52fcf622d316c11d4d492277b20a373c0f0d400
bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c8e1e79f24cfa83daa7ba7c1a6e7172b0a7eeb5c24dbb6ebcdfebf04be30c446
ccb299018945d4762f93f77abaaf56379fe5a7a72bead6e62fd45f8ad26860ea
ce726ae134a565cfe34ff460c4368f21d395808353c63c6588a1657cc9157e13
ce904e7bae839a116a33cff7ebc9b65ded9990c7bb037264ce9a21f24f0c5b29
cee617c71a6daf3b07b36564b2fe176f393a3d32ef0b8393ce28dc48e4a4a392
d53745536a01515596230f286e70b16b622fc64217990dd1202c2139b7950ef3
d5a10121d468fc4c70d838b7ac026184fff33a31ac83e032733d85cb0b38289a
d78af44b7bd70212195a93c78c8399b2ba9d7a1179c0fbd09df502525eea97f6
d8e6786c6bf10f537af10f604c2e8a187510857567d6c9019664d22bc793175f
dc3b35e06898f93f655553af0301e5d8079e9fd1c07075a1afe148c904b4adaa
dcc0269dbfb7a04ec2e14bcbb247d6e343de0f5ceb890e330e292434f17fffef
e25242d751c4746815df9e0505856aca0e8da456a1cfebfbf541244595dc3150
e28bcfefad2c0f3f491619132330d80cd2d4b2e138d947cc93c673a326e70b1f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4168186be7967ce91530be5fbdbef469fce9622f1f93a6e340c7fd8b5d1961d
e5acacf8db02a1f506797c8bb2c10fd76026f0a99ae1ae4912c32762e0f5f615
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e828e6ad4d3fd31aff91f5e557efbbd3eb175eecd76de5fd226ceb94406151e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f311a8d54d44aa879f1094c5dd3c0b1f93168bac9d12229db4c22327992aa4d7
f37353120ee584f02a5391be77cfb16536dca891c6143b46bb1c2a962f57e3ac
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f507503841f44ee6ba0104d59b7ce4a80162d2cb809314d6c15fcdf089b0e4d8
f93a94e84a7b503c1817d985f10db35fc1bb7052084f1880d1cd091f174b6e10
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9affa55d4a536da5fe380aec4ab44cac4380d0becf789474606f97f64cf4290
fb169e42607dbe8372ec4d69f0606b8429a1b0c2c25358d7b45e222bd955c786
ff3fe0ba9be1af219bc9703b3aae5fc658953688fd53b0f9d3e86e2cfd8968aa

www.uaua.info Open in urlscan Pro 62.244.10.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

202 Requests

94 %HTTPS

46 %IPv6

27 Domains

48 Subdomains

40 IPs

8 Countries

3187 kBTransfer

6372 kBSize

35 Cookies

16 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uaua.info Open in urlscan Pro
62.244.10.86 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

94 %
HTTPS

46 %
IPv6

27
Domains

48
Subdomains

40
IPs

8
Countries

3187 kB
Transfer

6372 kB
Size

35
Cookies

202 HTTP transactions
4 data transactions