sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sum.in.ua/
Submission Tags: falconsandbox
Submission: On February 25 via api (February 25th 2023, 5:49:21 am UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 24 domains to perform 97 HTTP transactions. The main IP is 195.242.161.64, located in Ukraine and belongs to FORTUNE-AS, UA. The main domain is sum.in.ua.

This is the only time sum.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	195.242.161.64 195.242.161.64	47434 (FORTUNE-AS) (FORTUNE-AS)
33	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	104.18.3.81 104.18.3.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.149.12.213 34.149.12.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.28.147.41 52.28.147.41	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.109 213.254.244.109	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
97	27

6 195.242.161.64 (Ukraine)

ASN47434 (FORTUNE-AS, UA)

sum.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.3.81 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.141 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.147.41 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-147-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.109 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	439 KB
21	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 ad.doubleclick.net — Cisco Umbrella Rank: 171 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	101 KB
8	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 475 rtb0.doubleverify.com — Cisco Umbrella Rank: 694 tps.doubleverify.com — Cisco Umbrella Rank: 511 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 14634	133 KB
6	sum.in.ua sum.in.ua	130 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377	5 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	127 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	960 B
2	i.ua 1 redirects r.i.ua — Cisco Umbrella Rank: 186287 i.i.ua — Cisco Umbrella Rank: 472351	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	89 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	460 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	544 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	34 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	601 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 177949	756 B
97	24

	Domain	Requested by
25	pagead2.googlesyndication.com	sum.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com ad.doubleclick.net
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com sum.in.ua
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sum.in.ua
6	sum.in.ua	sum.in.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.doubleverify.com	1 redirects sum.in.ua cdn.doubleverify.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net sum.in.ua cdn.doubleverify.com www.googletagservices.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	counter.yadro.ru	2 redirects sum.in.ua
2	x.bidswitch.net	2 redirects
2	eb2.3lift.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	connect.facebook.net	sum.in.ua connect.facebook.net
1	tpsc-frc.doubleverify.com	googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	secure.adnxs.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.hit.ua	sum.in.ua
1	i.i.ua	sum.in.ua
1	r.i.ua	1 redirects
97	35

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.i.ua
hit.ua

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-04`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://sum.in.ua/
Frame ID: E823030469494D5CAC32BEF1FD833758
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1677304155&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1677304155412&bpp=17&bdt=259&idt=291&shv=r20230222&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=7253468349085&frm=20&pv=2&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&pvsid=25899346188116&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eNCy4IJyQp&p=http%3A//sum.in.ua&dtd=310
Frame ID: 4860C95AB2869AC9E8B07A39AC11FBFE
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd88df760ee2c%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ffbe98a78e384d%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small
Frame ID: 64CC835E541F867F40980E8C54A2FB02
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 3EFECA2236CB1C48A689CF02578ABF70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 5733A4D202D8959D874A674138D87B19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1677304156&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&dt=1677304156480&bpp=2&bdt=1327&idt=2&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db99de7d79410aa72-2289badf22dd00d8%3AT%3D1677304155%3ART%3D1677304155%3AS%3DALNI_MYzww1AYkhtCD0yhfBrQfkQpd3mRg&gpic=UID%3D00000bbbedc477b3%3AT%3D1677304155%3ART%3D1677304155%3AS%3DALNI_MZi0WUZoUU-yMeKHk1AcidgJQ7Pdw&prev_slotnames=6868198912&nras=1&correlator=7253468349085&frm=20&pv=1&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&psts=AD37Y7t_XjzO-m1aBdxlsZ8SKpsxd6jD-9J9yCsWG5kQzsFqipQW3R66JvfYA_c2_sIEtdbeNMxaNWK_w_IUW0FtEw&pvsid=25899346188116&tmod=83335841&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=27
Frame ID: B109DAEF1499317D660B7B24088B53AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B120F4C1900158931E1EA4CE84C778CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAB67D71E3A80E646F3CC66995CDFD46
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 09983CF98FF4F3FF313A651F9CFAB7F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjYju2lATAB&v=APEucNUNM5tza-BOzgd6H3dxDYlb8MglfelEyLn3U8PDjoPUagBC8Z2UJSK68tsyOyIZhWmiG_rgT6f9o0Vrkpi5EJXJ-sqPi7xvTu9rLa_36Xn_XSryua6ye12eCmpKLrome4UYe15R75uEcqP9xPD6KWaNf0ioR3eIf0hfDvWTCDdXzNPOTN0
Frame ID: C020207CC989C1E79431EC41CF6A4275
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1B7011FF7246F2448EBBFA0D3B6DAF51
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 041902D2A97CCC737AE950C4002DF98C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3536.js
Frame ID: D5BF2AFCAD49B3F05E2F5FA087BFFEA9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC42462899B70BA636170E6BFE1CEBA7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 05CE03A46875EBFE30729BCC30DA6FA7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Академічний тлумачний словник української мови

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

97
Requests

77 %
HTTPS

45 %
IPv6

24
Domains

35
Subdomains

27
IPs

9
Countries

1124 kB
Transfer

3026 kB
Size

20
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=80114
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://connect.facebook.net/uk_UA/sdk.js HTTP 307
https://connect.facebook.net/uk_UA/sdk.js

Request Chain 8

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.5000021109200323 HTTP 302
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.5000021109200323 HTTP 302
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.5000021109200323

Request Chain 9

http://r.i.ua/s?u122537&p268&n0.769306620114798&c1&d24&w1600&h1200&rsum.in.ua/ HTTP 302
https://i.i.ua/r/3_3_5.png

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1&C=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-mhXZ8Kh9qhZSDP8MM0NgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEARQCqxkgSMOq1VpFvBnJ80&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEARQCqxkgSMOq1VpFvBnJ80%26google_cver%3D1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NDAyNTYzNjEwODU0Mzg3Nw%3D%3D

Request Chain 83

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEsPrN7ZrwizU2jpWwvEvtk&google_cver=1&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9VDVkJRyR2O8a5a6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9VDVkJRyR2O8a5a6A

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBCuvTt7tRqnmp9c_7qklYI&google_cver=1&google_push=Aa02lx-XPgQMF-4qynABRXRtsR4xCn_99gY1P5CjPXIJ-0OonXl_yeNkx_4o3kNtdOLhkFXSWtRqRa3eGsRCcIe1m27jMKnnsrTlDds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBCuvTt7tRqnmp9c_7qklYI&google_push=Aa02lx-XPgQMF-4qynABRXRtsR4xCn_99gY1P5CjPXIJ-0OonXl_yeNkx_4o3kNtdOLhkFXSWtRqRa3eGsRCcIe1m27jMKnnsrTlDds

Request Chain 85

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyR91B17fXMyx0JQq-qDgo&google_cver=1&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2uV82BYrKMv9SOn4GxJkxbMNj65Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVKSkw3STItVC0zV0RW&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2uV82BYrKMv9SOn4GxJkxbMNj65Mg

Request Chain 86

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOnaH3zkxfizeme0_0gwaSU&google_cver=1&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZvxNA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZvxNA&google_gid=CAESEOnaH3zkxfizeme0_0gwaSU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU2MDkzODcxMDkzNTAxMzk2NjkwOQ%3D%3D&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZvxNA

Request Chain 87

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQFl_lZy5TtM2rP9qEk90Ad1Pj-Uf5h-7aL-MtL3VUrYQRjuuKE_P0O_usRnvdAZa4kSgGlI8rzrZb_1emTzAX8rRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYwMzI1NTkzMjUxODQ2MTU5Mg%3D%3D&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQFl_lZy5TtM2rP9qEk90Ad1Pj-Uf5h-7aL-MtL3VUrYQRjuuKE_P0O_usRnvdAZa4kSgGlI8rzrZb_1emTzAX8rRg

Request Chain 88

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOgl39X0dPg-bpqbFy60-hY&google_cver=1&google_push=Aa02lx-1KcDV7lPQzynYvIDzWEe_xxIFjtcvKTTQxIjf3YVVUAOpZoNe3t6UWD86YsFxcfibCrpXkgTlYbEr1hxMHC9odhIsgy_WV1Kq HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOgl39X0dPg-bpqbFy60-hY&google_cver=1&google_push=Aa02lx-1KcDV7lPQzynYvIDzWEe_xxIFjtcvKTTQxIjf3YVVUAOpZoNe3t6UWD86YsFxcfibCrpXkgTlYbEr1hxMHC9odhIsgy_WV1Kq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=00d38a9d-658c-472e-8c69-15837c225971&%%GOOGLE_PUSH_PAIR%%

Request Chain 94

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=8406bceba5b64db2b7e9a102f56771a1&dup=&eoid=1000&cbust=1677304158506848 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=8406bceba5b64db2b7e9a102f56771a1&akipv6=2001:1b60:2:240:3247::6&dup=&eoid=1000

97 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sum.in.ua/ 9 KB
10 KB 333ms
247ms Document
text/html 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) / PHP/5.3.6
Resource Hash: 79a6714763fedcd249ecd9d8e83cc1c98d406fa1d1e40e28331d8d4bc11eedc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Language: ru
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Feb 2023 05:49:14 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=15
Pragma: no-cache
Server: Apache/2.2.23 (CentOS)
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.6

GET
H/1.1 200
OK common.css
sum.in.ua/com/ 14 KB
14 KB 47ms
47ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/common.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Last-Modified: Mon, 19 Jun 2017 16:31:43 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0c2f-36b7-55252ab982951"
Content-Type: text/css
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=14
Content-Length: 14007

GET
H/1.1 200
OK computer.css
sum.in.ua/com/ 424 B
736 B 94ms
46ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/computer.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Last-Modified: Mon, 07 Apr 2014 12:12:24 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0721-1a8-4f672c7b9ba98"
Content-Type: text/css
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=15
Content-Length: 424

GET
H/1.1 200
OK mootools.js Show response
sum.in.ua/com/ 92 KB
93 KB 94ms
47ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/mootools.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Last-Modified: Tue, 02 Apr 2013 19:18:16 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0877-170eb-4d965996fae00"
Content-Type: application/x-javascript
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=13
Content-Length: 94443

GET
H/1.1 200
OK ajax-nc19.js Show response
sum.in.ua/com/ 10 KB
11 KB 95ms
48ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/ajax-nc19.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Last-Modified: Tue, 11 Sep 2018 02:17:27 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c05da-28d2-5758f133b9bc0"
Content-Type: application/x-javascript
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=15
Content-Length: 10450

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 126ms
92ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b0a4a2fab96b7c178fe8bd3409fe70d2b770e3683c3392e273c2277a7089745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2582378155328948636
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 35990
X-XSS-Protection: 0
Expires: Sat, 25 Feb 2023 05:49:15 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/uk_UA/
Redirect Chain

http://connect.facebook.net/uk_UA/sdk.js
https://connect.facebook.net/uk_UA/sdk.js

3 KB
2 KB

79ms
21ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e0bc90144b8c11d75104fbb9cd2d58f98b30a2539f2fbe2e26a422ce3ebf0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Feb 2023 05:49:15 GMT
content-md5: MpdjwMWRqDJNkmkwX98qgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: FoG37/R66jIVOEMai+ohxGfv/0TknHm4YclhExYORogL+ob1izLbNsXsilsgPfOmTpqvSJ29v5yWb0YCSnQ9BA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 4271a7406e3fb225a44e1cb061c3c5fe
cross-origin-opener-policy: same-origin-allow-popups
etag: "73aab0e590b308fbbe48f4411b4f2a01"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Feb 2023 05:52:35 GMT

Redirect headers

Location: https://connect.facebook.net/uk_UA/sdk.js#xfbml=1&version=v2.7
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
121 KB 177ms
88ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d713d9913b73b947594c2ee73d0ab5964fbdbfd93641a265660e0ec54e24993e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122956
x-xss-protection: 0
server: cafe
etag: 2776025080471951278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 05:49:15 GMT

GET
H/1.1 200
OK rect.png
sum.in.ua/com/ 2 KB
3 KB 47ms
46ms Image
image/png 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sum.in.ua/com/rect.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/com/computer.css
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/com/computer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:15 GMT
Last-Modified: Sat, 12 Oct 2013 10:19:45 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0881-8e7-4e88892f91e6e"
Content-Type: image/png
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=12
Content-Length: 2279

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%...
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439...
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u04...

133 B
619 B

53ms
53ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.5000021109200323

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

c7ac826bc27556c47baa1cc2c458606008e6ccda29e6ac7df3d44d30ad4fee06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:15 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 133
Expires: Thu, 24 Feb 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:15 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.5000021109200323
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Thu, 24 Feb 2022 21:00:00 GMT

GET
H2

200

3_3_5.png
i.i.ua/r/
Redirect Chain

http://r.i.ua/s?u122537&p268&n0.769306620114798&c1&d24&w1600&h1200&rsum.in.ua/
https://i.i.ua/r/3_3_5.png

1 KB
2 KB

100ms
31ms

Image
image/png

104.18.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.i.ua/r/3_3_5.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: H2
Server: 104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:15 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Mar 2007 13:53:49 GMT
server: cloudflare
age: 2073495
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79ee281cbba1362d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187
expires: Thu, 01 Feb 2024 05:51:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:15 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location: https://i.i.ua/r/3_3_5.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 79ee281bbb5d92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: 0

GET
H/1.1 200
OK hit Show response
c.hit.ua/ 315 B
756 B 105ms
51ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8755740694848073&r=&u=http%3A//sum.in.ua/
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 09462e959a3ba09daaa71e813a7375fe25fe24c44533bfd71b8ab109ce7377e9

Request headers

Referer: http://sum.in.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:15 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
Content-Type: application/x-javascript
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 307 KB
87 KB 48ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=4b434eb34b78e6e1154d30cb71dd113c

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c774c517aed5e5049f61878079accbea5c3741fbe94583ce6e7d3f979d217bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://sum.in.ua/
Origin: http://sum.in.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Feb 2023 05:49:15 GMT
content-md5: C2PqdB1wm0k/Snd/7cvPGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88659
x-fb-rlafr: 0
x-fb-debug: T0hO+GyesWoeKHl7GbAen/U9a2SCLi5CTinZHNVG6pmPrm4eOrpfUe2HrnAnpYuccdQEo3IMJUYloIEXwIekwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 69b977928443ec5347e01f2b831b102b
cross-origin-opener-policy: same-origin-allow-popups
etag: "90e5fad7f7f28b9fb17cbdf233753902"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 25 Feb 2024 04:38:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 82ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sum.in.ua&callback=_gfp_s_&client=ca-pub-2843374221922515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4701a1c8f69f4fc06ec45b93b3135d5e6965b328c4a6c01c99614df33d7cf28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 148ms
57ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4860 87 KB
32 KB 427ms
426ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1677304155&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1677304155412&bpp=17&bdt=259&idt=291&shv=r20230222&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=7253468349085&frm=20&pv=2&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&pvsid=25899346188116&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eNCy4IJyQp&p=http%3A//sum.in.ua&dtd=310

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a124b43d0fc2866b9a28b53c8b4c1b087a7f5fce030936a82cb46df72e5bafd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 05:49:16 GMT
expires: Sat, 25 Feb 2023 05:49:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4860 6 KB
1 KB 153ms
57ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1677304155&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1677304155412&bpp=17&bdt=259&idt=291&shv=r20230222&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=7253468349085&frm=20&pv=2&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&pvsid=25899346188116&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eNCy4IJyQp&p=http%3A//sum.in.ua&dtd=310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Feb 2023 04:35:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Feb 2023 05:49:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4860 2 KB
818 B 76ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 4860 22 KB
9 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4860 3 KB
1 KB 72ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:58:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4860 20 KB
8 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4860 158 KB
49 KB 97ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 05:49:16 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 4860 33 KB
14 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 20:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:36:56 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4860 0
0 79ms
79ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZde_W6H5Y5ezLsXJ3gPLrZLgAca-1e5t1rjEx_wQipzdyMEBEAEgmZC6DmCVuoCCmAegAdD5hKkByAEJqQLD_Cs5UbKxPqgDAcgDywSqBMIBT9DXjputGTkEJeRdDrZNplq2UcqevKJQ9_LSvhvGVKhvPxD_eRPPS_zIOWOf8aOypFQwS5K8n287x2uu0rTotdXVKs34CTfyQBD66pl7lvRg3vNhJgzGPkfPI48w-cuTCVAoCAMDCYs0sNzRhBMcFleMMVJ-IOtUp2ze_bQz0PgY7kQim2bT_s1g8jRm8BG4m_UzPAzLyNJ8rj6U-cqe9ael5ssj7l0wMGueCUa14nju-KEGPWDjanuiRolZAo0d0tTABL_U24DZA5IFBAgEGAGSBQQIBRgEoAYugAeYhvvWAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKv-GNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yODQzMzc0MjIxOTIyNTE1GAA&sigh=zUgDrLkwJQo&uach_m=[UACH]&cid=CAQSGwDUE5ymqYGvC5-M4dp57_L4ougzA0GE__LEnRgB&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1677304155&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1677304155412&bpp=17&bdt=259&idt=291&shv=r20230222&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=7253468349085&frm=20&pv=2&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&pvsid=25899346188116&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eNCy4IJyQp&p=http%3A//sum.in.ua&dtd=310
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Feb 2023 05:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Feb 2023 05:49:16 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15806898588811077520/ Frame 4860 2 KB
3 KB 74ms
37ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15806898588811077520/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d25c1070f595425708f5e33f7c5a0108498ab4ac3a5ef7e13da0c83c802a12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:00:02 GMT
x-content-type-options: nosniff
age: 110954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2255
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 10:17:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 23:00:02 GMT

GET
DATA 200
OK truncated
/ Frame 4860 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ca436a820fd812f1bf4e027e89b5e401e1408c0194a543d9c55480b93a641c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4860 15 KB
16 KB 126ms
35ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 144525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4860 15 KB
16 KB 132ms
42ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 149171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4860 15 KB
15 KB 161ms
73ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 146120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
48 KB 79ms
79ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c914e8d3014b5159ebffe41af960dc39589d1be00d5c692776a70bab3942e01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49569
x-xss-protection: 0
server: cafe
etag: 16995205975907279954
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 05:49:16 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.7/plugins/ Frame 64CC 0
2 KB 103ms
55ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fd88df760ee2c%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ffbe98a78e384d%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=4b434eb34b78e6e1154d30cb71dd113c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Feb 2023 05:49:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 1OmYqqbnuZumSnYIXLRU+kiXW40QpoOBnnF1ZBTPKnwgPBkjSZGd97ZGMzKJvmmniUUqoMC9vQKmzxg0N30qHQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 134ms
66ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e03c6e2ff4cc7f90ac5da7cc0abc07e80c0117f778a128d1f4d3b035dfb784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11108
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EFE 36 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 5733 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:46 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 11:28:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 57ms
56ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B109 40 KB
16 KB 422ms
421ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1677304156&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&dt=1677304156480&bpp=2&bdt=1327&idt=2&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db99de7d79410aa72-2289badf22dd00d8%3AT%3D1677304155%3ART%3D1677304155%3AS%3DALNI_MYzww1AYkhtCD0yhfBrQfkQpd3mRg&gpic=UID%3D00000bbbedc477b3%3AT%3D1677304155%3ART%3D1677304155%3AS%3DALNI_MZi0WUZoUU-yMeKHk1AcidgJQ7Pdw&prev_slotnames=6868198912&nras=1&correlator=7253468349085&frm=20&pv=1&ga_vid=145421815.1677304156&ga_sid=1677304156&ga_hid=632861080&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759842%2C31071756%2C21065725&oid=2&psts=AD37Y7t_XjzO-m1aBdxlsZ8SKpsxd6jD-9J9yCsWG5kQzsFqipQW3R66JvfYA_c2_sIEtdbeNMxaNWK_w_IUW0FtEw&pvsid=25899346188116&tmod=83335841&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8768d92ce33d07678ead960c4b6fcd7ee24e5f8e17beffcffdbbd2cac4df03dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 05:49:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 05:49:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B120 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 23:48:13 GMT
expires: Sat, 24 Feb 2024 23:48:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AAB6 783 B
1 KB 79ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b072d43716a38a1bddec34708a78c44b52a9844eaa3269d3e76cb4c35e25227

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m8i-sNkfwkb6V-lXVRIjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-m8i-sNkfwkb6V-lXVRIjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 05:49:16 GMT
expires: Sat, 25 Feb 2023 05:49:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame B120 36 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AAB6 0
0 65ms
65ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=25899346188116&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B120 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZOL2sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 99ms
98ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28e1dff6111115a71001c4483e3eb617ca51b1f0e0ece9972fb9464021b7b2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52075
x-xss-protection: 0
server: cafe
etag: 1437532876484138562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 05:49:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 57ms
57ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 0998 10 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 04:41:39 GMT
etag: 10353107486223812946
expires: Sat, 11 Mar 2023 04:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C020 624 B
242 B 60ms
57ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjYju2lATAB&v=APEucNUNM5tza-BOzgd6H3dxDYlb8MglfelEyLn3U8PDjoPUagBC8Z2UJSK68tsyOyIZhWmiG_rgT6f9o0Vrkpi5EJXJ-sqPi7xvTu9rLa_36Xn_XSryua6ye12eCmpKLrome4UYe15R75uEcqP9xPD6KWaNf0ioR3eIf0hfDvWTCDdXzNPOTN0

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 05:49:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1B70 78 KB
27 KB 74ms
74ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 05:49:17 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 1B70 2 KB
3 KB 263ms
42ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253301&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iPjPEm7pCe12o8tSLPAAka&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=32180591&DVP_DBM_4=347817816&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43537264818&turl=http://sum.in.ua/&DVP_PP_BUNDLE_ID=
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:17 GMT
X-GUploader-UploadID: ADPycdtNtAjlYdrta-l3UqO7FDE-_iwXAjfeaJIoKxhbJdY-eR9FHPhh5_adX6s8buye_b84yVlklAZf9vx9b3Inf8t_6lQSbDxc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 1922
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
x-goog-meta-previous-generation-number: 1673253614982549
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control: max-age=86400
x-goog-stored-content-length: 1922
Accept-Ranges: bytes
x-goog-meta-pipeline-id: 742670731
Expires: Wed, 18 Jan 2023 13:56:00 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1B70 8 KB
4 KB 262ms
41ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iPjPEm7pCe12o8tSLPAAka&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=32180591&DVP_DBM_4=347817816&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43537264818&turl=http://sum.in.ua/&DVP_PP_BUNDLE_ID=
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5851da0728ca1ed1f661c31af12e7c5731230af08613c1a6d2654befe4f7a697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Feb 2023 17:46:13 GMT
Server: Microsoft-IIS/10.0
ETag: "80e03a656541d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3337

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1B70 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:58:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1B70 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B70 158 KB
48 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 05:49:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B70 42 B
63 B 67ms
64ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUQ66SlhydtKnfWO-vE_GVYXNC8kVWIpbcVYZJ_UbcphNmpj2LZl687Lgpoh1DSZGzzzPTFTyWn7Q4L7hwOKdCACVj56mVWhz9kVFRaaEllaKq-vY

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B70 0
20 B 68ms
66ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5188509570247657881&x=1&ct=77

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C020
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1&C=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjYju2lATAB&v=APEucNUNM5tza-BOzgd6H3dxDYlb8MglfelEyLn3U8PDjoPUagBC8Z2UJSK68tsyOyIZhWmiG_rgT6f9o0Vrkpi5EJXJ-sqPi7xvTu9rLa_36Xn_XSryua6ye12eCmpKLrome4UYe15R75uEcqP9xPD6KWaNf0ioR3eIf0hfDvWTCDdXzNPOTN0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C020
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-mhXZ8Kh9qhZSDP8MM0NgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjYju2lATAB&v=APEucNUNM5tza-BOzgd6H3dxDYlb8MglfelEyLn3U8PDjoPUagBC8Z2UJSK68tsyOyIZhWmiG_rgT6f9o0Vrkpi5EJXJ-sqPi7xvTu9rLa_36Xn_XSryua6ye12eCmpKLrome4UYe15R75uEcqP9xPD6KWaNf0ioR3eIf0hfDvWTCDdXzNPOTN0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB2-ubH92J2UYSZ_0CaA8qo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C020
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEARQCqxkgSMOq1VpFvBnJ80&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEARQCqxkgSMOq1VpFvBnJ80%26google_cver%3D1

43 B
1 KB

39ms
27ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEARQCqxkgSMOq1VpFvBnJ80%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjYju2lATAB&v=APEucNUNM5tza-BOzgd6H3dxDYlb8MglfelEyLn3U8PDjoPUagBC8Z2UJSK68tsyOyIZhWmiG_rgT6f9o0Vrkpi5EJXJ-sqPi7xvTu9rLa_36Xn_XSryua6ye12eCmpKLrome4UYe15R75uEcqP9xPD6KWaNf0ioR3eIf0hfDvWTCDdXzNPOTN0

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
AN-X-Request-Uuid: f4685c81-ebc9-48a2-9feb-3d04a1de9650
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
AN-X-Request-Uuid: 493d30ff-533a-4a92-98a5-eed2d61ef9ad
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEARQCqxkgSMOq1VpFvBnJ80%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C020
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NDAyNTYzNjEwODU0Mzg3Nw%3D%3D

170 B
243 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NDAyNTYzNjEwODU0Mzg3Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 25 Feb 2023 05:49:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a407c1fb-83a5-4cfe-bf17-fa267d0133f4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE2NDAyNTYzNjEwODU0Mzg3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B70 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6230331846921&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B70 0
20 B 65ms
65ms Ping
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6230331846921&version=m202301230201&ct=77&x=1&cor=5188509570247657000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1B70 28 KB
17 KB 83ms
83ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAPWB6EzMXgKrurAMElxJPTfH2gdpoVFLxU7FAz5UIG9UOxcj3W4bH4eGo1uo4aFVsgzEG6wzoeVOh4ZDtVeTDUJLudfnwWTVioKs5udao--38mE_Wwu_Mde5iVhB2ZEr16R6v7xfLhPgATEWw9ip1-YHiKrjDR8gcGNxtKCyLYbwgsDk&cry=1&dbm_d=AKAmf-DgElb-lQwwMbF4-qlrrFrOSj6o8Q6eaJ8Dhh0f7sDj4Bb3xHIH-DIKCoROBMR4WMjQagymEsUtGmd_OkNv4zlOyNIN5ko8mFen0rrGK87De9CXLCNHENGOGs6XfIzSG4toCPRQ4qhI4d-f2ZOi3bgWUMOZM_9Vl3CiE0TkuDUxQ9kEW2sT7WrlWMBbrR2szvl0bRrcruXishQmSVs9Bk9yTSoH7EoGR5rlaAQrKDbbjJ2s6oMO10wBmuv_e0PvBRe5W8pzelGlfH3Mgpgm7GYSUUIqU10R2MRGkVCbAJJrLgLts5y43B1MkmLpMSHAiyqqSOz0xyht5kjxOL7H5rixg3lhjSKKFeRbn9GTnFy6NMMM5prHVGHNRJULQz5oxi47ECzf8CSRSd2p5tAiAlfzB0K5PkhlaAO1cxdXRb5MeXsfZ-cnmqbh8oNrUTWbcYLk6JbO8AXF-TuHDt92iBm-pTOcgRIm8Ly-IZUcjH3NnvnKgIPE7g0I1rnR9A1LZRVtKa4GEtmWITXUH88rEcJYDvw1RkfGAbknNE8T65pSjpCkAXkDnSo511AMf0szpa1F2qaCeiU1sc9eQVXJS2z5K-Q3af9HnriPzRJjl690tGIfBGGSHWLa-lEZB2Has2FqnZGeBwTTrNhIEAChVDrjR_jW7EwSCEX6lUH7Icp4c7NSoUKfV19RLTtZFF8L-m7BzNyQUcWtGDfu6W6sLUQDZvBxcFFK7rJ21nQ0gdXQjb3t6Ce3TZV1c3IP-hAlwgL4p5wVRIGeCa1ZYCFZoS98zVSQRxz4ewv2dCEu8jUBVviJ8qxctVLZC4HGa--hCx_CkJCKvslx-UF3QPioeydys-T0HDINcOLTnjOYToKl-K9ANu4n874b019gj8jkJmqY45g0QEe--seLvIeR6g_HeIYQMHzkrOmqKaMXl_7Sts_CrEELoy9r9-dS163kh84i1FK1gLIcVm24gA_LESLoNQA9FcIiOJIlK1kSpty1rVk2gx5Ji_z7gl5tSF6Rov0VFMJXRRVUFons355TU5DCCvNhUWT0jZNrk1_mlF53uOH9gZLSParCOzzQd4JlJKmpJHl4qwynr2QlO7kD7s3j8obxtvovXqOGdpDx_t3K_B39dqOH8l5ELYxCton9rcBj-irbIGtgsSIOjLtRoCp8yOb-hzlxhgQYnu-ckfOu9rYKcP_r__kuzASp9awrwD4W2WpAs7ZeoFZacuZb5sPWdrw9y6MsAs8QQY0CQpxIhnO695K-15YueOWnllg6GSyNeMxD6vOf8SGagTiHs9jvuNcOZzlWxss8t6tCoT_e-MbuOy6fmP5pDqSsgZWb_I80XMERdRb5-kjqUYuCUOp4OSNyPf9j9cdz0gKN9kdNocS5MOKf18Y5fWEGeJeJSergivG8gx_F7ZGiuAx5blPVhdfeRNW-K85a_xvTP2eknxsjUx9y1FTYuUpFCJGv6debHdOF11FxZ0mtaz8rgj2HDC7Bd0eRhxXHhkNAx-ou1mqf5atJYx8mv1QGWaITnuTE8hWFhroHwjWje_pSmQd2AiDtmEY8utpK0GhclELLP3Q3mi-w_dwE_IZpAc1c-aW33kvjlxikqiwS-b8WpLa5Gh946m9SOaqKAgJdh4PCwlMu9gRhflh01EQ1Na5A29QkfpABAzvx6iPK-e6DX2ZVd51W3PA75dC2mVdtMaOLeGvRnR-zFx8WIG3faDN8dJMG6PSEHj4wlHqB6p70hAjI_gJcRXDVLyCBIIDqePg4R0MR2MfMkvVWeKs0tyFXbqJLND0VYcoZ-JpqC_CdoyOJxJpTPGM2hkjDuB0bCAJx3V6GsRxeBljte-HX44wi6jPDjz2Y6WxLdBRcK4eX3ynzbMd2StDc55aoVqNCILvFZC8gXhtiqLyeAUL0ZYj8RBfzosAD7N-nD2QQOhk61qnDNF7UrxDwrJV0QD-uyXAPVzAGvlyVNz0P-GERL_UMDpYT25r368-NS25rgzRMVM6gQS8hsoH79pXP-B_3KlBb4AdcIZbDHAWCtDVttVQDn5YN4gTzoPwEW_r4DX5phdR5moK1ZSSRTrVoLY1-TO8Msbt74nkif_JKzFBEY3WNStcLckSl47KLluJdzy9Cg8_-N4x6yxpcY7floz8JrIREp7OBjOTvR1QN4DVLyH3tUjMGQk4ReM26NEt6XnMesN6GmZy5aFROeZkZDthRku5pU5qyvTIsftqtlbdT97C8NH5iyHnIxwEjvVutMmuTMQU4N_O9njzBMM7JFPzW0HtieHQ3ZW3VzG-xEZYw6MQ99EHMhtQ-bAUAeONB5P1uHYwbOEqx6v8pCIf0nneCJBrh8xTw2ZSdigJFGZUtR17L83JHSspv-9WiaX23YFjJLFv6yQJka7mcBnQOGwXZHvIvaJy03DUdwpV1qob3eg225hhYs7G3jnU2IpVljjqEIdOnMXPIrGoiOhslEo-vmqRlJJK0HXcpKFC76oN5cpdS3tGutj0LfiytrDAXXm7dmf3MFeIY714pDSrqsuDXt5YuLCuy4r2IetkJXDV3JU-g23uJI8HaFKVzC1sg5Xrjof-mVJk6buM0V1hn92Q3YKCUwq-gaoHhAFuko9xIo4m-Q4yVrrRecoaogwTurTpa3Zg684XzTHowuNXXUfWnQ1ucqcgMKYFIkPHcomCRWSu86a8vyOqI2OW6wGwuo2OqhDcR5r35oThm6FyWONGtLENVyyT62PX7gqErVBAHupUSAcbJ96CYTVWzf1Zx5EVH1XSnE4743isKgP60iiun1qPj5t5tTQyeZehxZ4uCtHj0tGg9JSGov5Hn7f7Ml6Kt_JE7RFZru9dlXq0cdKcpGPD6Tzon059EXTy-8oLMS4DIKyxOheJjMEspGtOBdIoS328Jy-9EccG4-UeJkh_CD9-rnZ10PlidZMaz-XN9__DkXpoh4Mmm9qK9pGolJ1XY-4XeFJIBPdBV0we_PoyE-iLnCgmVm87ZkUnkbCC4CByGBXPHbbrcaif8cueaktGwfCSIP_2eZ8Z848aPXPPA-QSuv4IKFowhljF7BWiTVEXbk2YJP2ob_Q5ArVP4NooTJCyOdZJQfa2_pbLkrYj7Fk2AUKORB952gEqX7FK3Rh1F3xeXWx05y_wF6_bHBAJHvkIDZUWQnqYxmv5fdJQQy-k5uxmoS2YdIz0x8anda8s_OcEGmga7RhWEILqJyD20-qXaJgJ2QvHCbwsz0gME9jCFG2qG_xtzGeF9J3skS1ZzkkL7WTcfMNzDIQ4P5ZMrYquZE3o1S5r_X1CdWKxrrxNTW4-DRHvjgeFpQtDYrhh0dcuwc03b42dUULjuoIA8ID5WurK0WIjomMo-oQ4hDMiBsOpT9DYZ1xMfSxnjTPqHxesVXZmpKntcenuDTBXsbIBFiTk4EQXrwXSYe-UN7FGxgV0kx3F9D7nHSmfEoCnIWxIx84QYFPmEx6I5bcMNdug_-AbG-hKOGWBSKzbJ0eTzH4qVhpTGwmjwDU8Nc1pmkdFkS9tqfPfcYF69kYDWcG18GQsJPk_gNn3U2ImqLlOXQ-XgXyvXZ5QE82auH1u5UJee-WwU2sVJNACq3m6rwXY6zWaLEg&cid=CAQSPADUE5ymILK2FrPL9RM8dbnHU3BrPSg1gLNBuP_YD3cJP-JYhZfbYMvOYjxhsOTSWuiJDw0YNCJPtCy7NhgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsum.in.ua%2F&ds=l&xdt=1&iif=1&cor=5188509570247657000&adk=521587874&idt=81&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a5a6f2a04e9ddc3540923e941b464647419713742e15d97ec6bd947b0223f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16995
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=25899346188116&bg=!ysmlyZ3NAAZYlHKzeJQ7ADkAdvg8WsdjcpTvSisENbABzDPGjLEUYYwQBTSZnlbTbYaP0iyCO0OUMODmmLo5-bTdJtad7u23I4cCAAAAblIAAAACaAEHCgDpoNuSh5jIZhcW1k9S9NYxpYYhfWgHtixJrkIrEk5P89kPQzqGxXAgXua6t313mbVAVpwQLpWsHS7SFGzGqkzozM6I-LiLLe51uLCTAlvhXCiHwg8ui2JPXLo4b2O9Uo7nsbDJDdQq5hXKPDtPVJo4v-MpR6yTCThCTSPjSjvShUALKwgMZpQ4Ms995TWqa2IEo3Qq9j_wmFgZAQxKdSBM1ytUSLhnxRCP99rNszwqw67gap-9f8JEScbIx2xfOkJ7W4A5aLDvizkViGUo5etzFW9Iw-rOLsuwGOSG5D-_Kyv3ufF4KEJu57OZApmQpSBZVA5Kb6yQ2guWPWBNUhzgtNf9dYl_qibwmgc4tiCUBOTqd7J7G1tgfDAr7zEVvojs5R5XSynNUewjoqmOq5JgY7xgmTVkBruCVRUc10Et__fxbijJ0yO6DW1JUcT2iofmlVDb3apAtVQqGunFCg7lH8h5Dkuj2td4b8XM8p1Q6Qd5YcnL-kZDm3AAa4OklpjalzdnTaiOwdM345-Wk7RoZMDzgNbiB4SUPCn9wfyE6OAr9INNJXZCSaFXai_gmHRr5nU95HEzTi4dJy4ZC9NvhZiySwjPAALg23rU2t5iNx_DHDNfa25i4S9Jz-EvVxdXQ-fl3S7JaayT5GFlHrvGH2MCAJT8pO7FP3mGwCPxVrTLE4Yg0tvlYLX0iPDYf_7sheGhi6iu7tS6cagrrxZ3RqLym3yFo48sEkxvm-JLeOK0__BepMfxn4fI0yRA33bFC8EL_QojxjrgaFTk3MAtQ43xxX8jwC7Py-hhCcg2bnK1U2-EVfF4mdM2u3FPT3h3Mvfok32Zerdc-n6KovzEX2rNM4iYYtPz9ntHTCHfXod8_buCQRcjdvnFSCUv4lvOpiQlv3vEVjhtEytl7nIVB8EBrKt2RImHNjNECx4GWnwoxb_fPoZrY9JEuXA_AiQ-HYkN6vlK30is_DVItqjKrLYd711QlfMpe5R8MlKg9YpIU7F-jOo_JPzp-cXPgjUhxH3mnoBFxudYxMSMEnruQn4djpu3UWotgECSSDlgOcgKiYM1NfKrQnTZrHaYHsGzvRz8OS7X4Z0auE9WtD_6V-1OoXW8ELdR4EsdKMM6fGWXdOOf1lKoa8HnUn_Jc_X50X8usJs4Sso6017WfyAnNyPUG0z4wBRWGrR3HIctGExHJtSnvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 1B70 28 KB
11 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAPWB6EzMXgKrurAMElxJPTfH2gdpoVFLxU7FAz5UIG9UOxcj3W4bH4eGo1uo4aFVsgzEG6wzoeVOh4ZDtVeTDUJLudfnwWTVioKs5udao--38mE_Wwu_Mde5iVhB2ZEr16R6v7xfLhPgATEWw9ip1-YHiKrjDR8gcGNxtKCyLYbwgsDk&cry=1&dbm_d=AKAmf-DgElb-lQwwMbF4-qlrrFrOSj6o8Q6eaJ8Dhh0f7sDj4Bb3xHIH-DIKCoROBMR4WMjQagymEsUtGmd_OkNv4zlOyNIN5ko8mFen0rrGK87De9CXLCNHENGOGs6XfIzSG4toCPRQ4qhI4d-f2ZOi3bgWUMOZM_9Vl3CiE0TkuDUxQ9kEW2sT7WrlWMBbrR2szvl0bRrcruXishQmSVs9Bk9yTSoH7EoGR5rlaAQrKDbbjJ2s6oMO10wBmuv_e0PvBRe5W8pzelGlfH3Mgpgm7GYSUUIqU10R2MRGkVCbAJJrLgLts5y43B1MkmLpMSHAiyqqSOz0xyht5kjxOL7H5rixg3lhjSKKFeRbn9GTnFy6NMMM5prHVGHNRJULQz5oxi47ECzf8CSRSd2p5tAiAlfzB0K5PkhlaAO1cxdXRb5MeXsfZ-cnmqbh8oNrUTWbcYLk6JbO8AXF-TuHDt92iBm-pTOcgRIm8Ly-IZUcjH3NnvnKgIPE7g0I1rnR9A1LZRVtKa4GEtmWITXUH88rEcJYDvw1RkfGAbknNE8T65pSjpCkAXkDnSo511AMf0szpa1F2qaCeiU1sc9eQVXJS2z5K-Q3af9HnriPzRJjl690tGIfBGGSHWLa-lEZB2Has2FqnZGeBwTTrNhIEAChVDrjR_jW7EwSCEX6lUH7Icp4c7NSoUKfV19RLTtZFF8L-m7BzNyQUcWtGDfu6W6sLUQDZvBxcFFK7rJ21nQ0gdXQjb3t6Ce3TZV1c3IP-hAlwgL4p5wVRIGeCa1ZYCFZoS98zVSQRxz4ewv2dCEu8jUBVviJ8qxctVLZC4HGa--hCx_CkJCKvslx-UF3QPioeydys-T0HDINcOLTnjOYToKl-K9ANu4n874b019gj8jkJmqY45g0QEe--seLvIeR6g_HeIYQMHzkrOmqKaMXl_7Sts_CrEELoy9r9-dS163kh84i1FK1gLIcVm24gA_LESLoNQA9FcIiOJIlK1kSpty1rVk2gx5Ji_z7gl5tSF6Rov0VFMJXRRVUFons355TU5DCCvNhUWT0jZNrk1_mlF53uOH9gZLSParCOzzQd4JlJKmpJHl4qwynr2QlO7kD7s3j8obxtvovXqOGdpDx_t3K_B39dqOH8l5ELYxCton9rcBj-irbIGtgsSIOjLtRoCp8yOb-hzlxhgQYnu-ckfOu9rYKcP_r__kuzASp9awrwD4W2WpAs7ZeoFZacuZb5sPWdrw9y6MsAs8QQY0CQpxIhnO695K-15YueOWnllg6GSyNeMxD6vOf8SGagTiHs9jvuNcOZzlWxss8t6tCoT_e-MbuOy6fmP5pDqSsgZWb_I80XMERdRb5-kjqUYuCUOp4OSNyPf9j9cdz0gKN9kdNocS5MOKf18Y5fWEGeJeJSergivG8gx_F7ZGiuAx5blPVhdfeRNW-K85a_xvTP2eknxsjUx9y1FTYuUpFCJGv6debHdOF11FxZ0mtaz8rgj2HDC7Bd0eRhxXHhkNAx-ou1mqf5atJYx8mv1QGWaITnuTE8hWFhroHwjWje_pSmQd2AiDtmEY8utpK0GhclELLP3Q3mi-w_dwE_IZpAc1c-aW33kvjlxikqiwS-b8WpLa5Gh946m9SOaqKAgJdh4PCwlMu9gRhflh01EQ1Na5A29QkfpABAzvx6iPK-e6DX2ZVd51W3PA75dC2mVdtMaOLeGvRnR-zFx8WIG3faDN8dJMG6PSEHj4wlHqB6p70hAjI_gJcRXDVLyCBIIDqePg4R0MR2MfMkvVWeKs0tyFXbqJLND0VYcoZ-JpqC_CdoyOJxJpTPGM2hkjDuB0bCAJx3V6GsRxeBljte-HX44wi6jPDjz2Y6WxLdBRcK4eX3ynzbMd2StDc55aoVqNCILvFZC8gXhtiqLyeAUL0ZYj8RBfzosAD7N-nD2QQOhk61qnDNF7UrxDwrJV0QD-uyXAPVzAGvlyVNz0P-GERL_UMDpYT25r368-NS25rgzRMVM6gQS8hsoH79pXP-B_3KlBb4AdcIZbDHAWCtDVttVQDn5YN4gTzoPwEW_r4DX5phdR5moK1ZSSRTrVoLY1-TO8Msbt74nkif_JKzFBEY3WNStcLckSl47KLluJdzy9Cg8_-N4x6yxpcY7floz8JrIREp7OBjOTvR1QN4DVLyH3tUjMGQk4ReM26NEt6XnMesN6GmZy5aFROeZkZDthRku5pU5qyvTIsftqtlbdT97C8NH5iyHnIxwEjvVutMmuTMQU4N_O9njzBMM7JFPzW0HtieHQ3ZW3VzG-xEZYw6MQ99EHMhtQ-bAUAeONB5P1uHYwbOEqx6v8pCIf0nneCJBrh8xTw2ZSdigJFGZUtR17L83JHSspv-9WiaX23YFjJLFv6yQJka7mcBnQOGwXZHvIvaJy03DUdwpV1qob3eg225hhYs7G3jnU2IpVljjqEIdOnMXPIrGoiOhslEo-vmqRlJJK0HXcpKFC76oN5cpdS3tGutj0LfiytrDAXXm7dmf3MFeIY714pDSrqsuDXt5YuLCuy4r2IetkJXDV3JU-g23uJI8HaFKVzC1sg5Xrjof-mVJk6buM0V1hn92Q3YKCUwq-gaoHhAFuko9xIo4m-Q4yVrrRecoaogwTurTpa3Zg684XzTHowuNXXUfWnQ1ucqcgMKYFIkPHcomCRWSu86a8vyOqI2OW6wGwuo2OqhDcR5r35oThm6FyWONGtLENVyyT62PX7gqErVBAHupUSAcbJ96CYTVWzf1Zx5EVH1XSnE4743isKgP60iiun1qPj5t5tTQyeZehxZ4uCtHj0tGg9JSGov5Hn7f7Ml6Kt_JE7RFZru9dlXq0cdKcpGPD6Tzon059EXTy-8oLMS4DIKyxOheJjMEspGtOBdIoS328Jy-9EccG4-UeJkh_CD9-rnZ10PlidZMaz-XN9__DkXpoh4Mmm9qK9pGolJ1XY-4XeFJIBPdBV0we_PoyE-iLnCgmVm87ZkUnkbCC4CByGBXPHbbrcaif8cueaktGwfCSIP_2eZ8Z848aPXPPA-QSuv4IKFowhljF7BWiTVEXbk2YJP2ob_Q5ArVP4NooTJCyOdZJQfa2_pbLkrYj7Fk2AUKORB952gEqX7FK3Rh1F3xeXWx05y_wF6_bHBAJHvkIDZUWQnqYxmv5fdJQQy-k5uxmoS2YdIz0x8anda8s_OcEGmga7RhWEILqJyD20-qXaJgJ2QvHCbwsz0gME9jCFG2qG_xtzGeF9J3skS1ZzkkL7WTcfMNzDIQ4P5ZMrYquZE3o1S5r_X1CdWKxrrxNTW4-DRHvjgeFpQtDYrhh0dcuwc03b42dUULjuoIA8ID5WurK0WIjomMo-oQ4hDMiBsOpT9DYZ1xMfSxnjTPqHxesVXZmpKntcenuDTBXsbIBFiTk4EQXrwXSYe-UN7FGxgV0kx3F9D7nHSmfEoCnIWxIx84QYFPmEx6I5bcMNdug_-AbG-hKOGWBSKzbJ0eTzH4qVhpTGwmjwDU8Nc1pmkdFkS9tqfPfcYF69kYDWcG18GQsJPk_gNn3U2ImqLlOXQ-XgXyvXZ5QE82auH1u5UJee-WwU2sVJNACq3m6rwXY6zWaLEg&cid=CAQSPADUE5ymILK2FrPL9RM8dbnHU3BrPSg1gLNBuP_YD3cJP-JYhZfbYMvOYjxhsOTSWuiJDw0YNCJPtCy7NhgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fsum.in.ua%2F&ds=l&xdt=1&iif=1&cor=5188509570247657000&adk=521587874&idt=81&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8294f47c10ab9172680f9bba780fecd122dbec7acc578a6973704c97903a8915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10818
x-xss-protection: 0
server: cafe
etag: 16521218800250601078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B70 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 17:13:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0419 22 KB
8 KB 23ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 563756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:13:21 GMT
expires: Sun, 18 Feb 2024 17:13:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0419 36 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4860 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbdAoPXf-hEK6MesrjdQ88q1KUc8PZl0b0dZ7yhK28MVTeEoEfN2pL1Q2pCGUyOOiUchmuXSU_hvsfxTM6Alwr22C4iI--2BCa6i1yGIsDh0zDo4ItpVpX2pReIJyHEB97s5Av3Q&sai=AMfl-YTGpSV9CjkdR90RNm8EZdyEA8IkQjt7bG9d3BzZRaibQ7YzxDWjT9eWrYu-OV6C5OYprpJNlgqjA5G_&sig=Cg0ArKJSzJOa_0U5zbcVEAE&cid=CAQSGwDUE5ymqYGvC5-M4dp57_L4ougzA0GE__LEnRgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2404697248&rs=2&la=0&cr=0&vs=4&r=v&rst=1677304155724&rpt=625&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 1B70 57 KB
19 KB 49ms
48ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253301&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iPjPEm7pCe12o8tSLPAAka&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=32180591&DVP_DBM_4=347817816&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43537264818&turl=http://sum.in.ua/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 1B70 1 KB
901 B 409ms
38ms Script
text/javascript 34.149.12.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_207947938781&jsTagObjCallback=__tagObject_callback_207947938781&num=6&ctx=1828362&cmp=115739&plc=4253301&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=207947938781&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=110&bridua=3&dup=null&turl=http://sum.in.ua/&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iPjPEm7pCe12o8tSLPAAka&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=32180591&DVP_DBM_4=347817816&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43537264818&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEATbpTauTauDF%3E%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauDF%3E%5D%3A%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=4.90&callbackName=__verify_callback_207947938781
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8b245f9c350ba1a330371b0543ed21d28d333ccbef11e737cfd65e48a351fc78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:17 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/24/2023 05:49:17

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0419 0
20 B 69ms
68ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkUnlXaH5Y4PmDtCkgQehwr7wDQAAAAA4AeAEAg&bg=!DwylDFjNAAZYlHKzeJQ7ADkAdvg8WjH8w8y8EAw-ik98EiX11B1q1GpX1EF_w1ix3xXk9MeJPT-7CfcfyYTOedOuvWf_8_nEwz8CAAAAYlIAAAACaAEHmQLdvRG2kFAlNxj-UPH-UfF3_W7sRmfMvjVeI_K-xSP-h4z8t3abWviodVnFrJaUEnyBdZTqqxbYKnM0qPjzM2FjaPiX9WorZXp90B5Z8gfHLMmhGBLU6jJfVbuIFidKfof8ExO91P7djhsNsOr8cbcpWrmXkXrBKmYeAkHO2mVjcJVEiMZ32C5ZwsOZVglnJbg0KcYISRLLfuYC-FBgeXKCiJP7v0QrdwBLyEo6Fh3_9ieuccmG9KN3UuX71KArmFj42pnu3cUtK6npvjVjkdiqpR6PlWCOznCxwAUz3Vwp39V3bYgCk0M5UyIllEdY6wWUT8P8m1EGguN5hZaqwoqH66fg-G_hhnk3w4dhVVKeLRGqkdtBFtIN-aG9G8EZjkcCrsW1FbzZvFnqvkaeuHE58mkbxCU7_yQsi7O8m14tzeojmp-OmlI_aitaxF9TUMAVgay3auzbvimAWHtqifB7GIRW4foyM_998kSVDcjYYt-dHzZczZhsD1QPEQf5QQ8CrToGSYArjPsV1_VIPtf2quacmNakBpdRvgOJFaarm_W0WjUjS_2Dr4D1wWpRVr_ZzURm9hryH-iRjOtQXZHZ6_4O1n9frGTuVYfbhOqlO-d6MyoCY8FRjGgjGUIvrt59Bp0iLfxCuZBhDzIYpAli_7O29ERpfsKuIsZQP0VJUw8Pvv8lgOBGw_Ot-3rKGZsvn7WRv0MwuRRV-hU9KmWPyg5HJB7u7IPrnB5LfnngaEsYtzK-Qy_-xEy3DNLqJbKXJFiUhiwukF6lDdYJdBjwrOGYqG38KsdE8SIiEtcpRbQ1vA_M1KGLQo9UIXcplPd-5xQZmQXf2ci9TagB8ypA04bXzSW-ZILRSYzCzBHwKHeF0gaAFjaksi-bmJ3eyTwROaLVgPL0oTC1-v5XORvrzaUA1C2PsQDANQmZ4sctXGiBGh1N0IXTxudeNiuGwhbp7h-w9AybTQqcrZaGjQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1B70 16 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 04:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 25 Feb 2023 05:54:09 GMT

GET
H3 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 1B70 60 KB
23 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 16:22:50 GMT

GET
H2 200 B9689862.280630144;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=2432479424;ord=o8dtdm;dc_rfl=2,http%3A%2F%2Fsum.in.ua%2F$0;xdt=1;crlt=.ZmOSy7l)0;stc=1;sttr=37;prcl=s Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 1B70 55 KB
26 KB 130ms
65ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=2432479424;ord=o8dtdm;dc_rfl=2,http%3A%2F%2Fsum.in.ua%2F$0;xdt=1;crlt=.ZmOSy7l)0;stc=1;sttr=37;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

cdd457afb3ef6829e5d66e89388fc9909fdcc29d2d4db5a7a168161eed335fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame 1B70 8 KB
3 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=2432479424;ord=o8dtdm;dc_rfl=2,http%3A%2F%2Fsum.in.ua%2F$0;xdt=1;crlt=.ZmOSy7l)0;stc=1;sttr=37;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:47 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B70 0
0 139ms
57ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuItXyYYlQHC5Ff8_C-tqusBv8Gwh0x7rTKoaTjgsctobnu21ANDvPd2xMXxDup-DB9U9WaPjQmv4GrhtN7-7UT-Fhf9Er-GRrUVEK2xGFkIUsUjfwN4TAFFyw76fSYJa52YqrxE1K0sXhyNHAuBodXiok&sai=AMfl-YRcfuNW6if4JqYyYsWd1_4SZmKDnDUNlV9QLDQDYaWsUnWVFJE-xEBv3sbsTWc_LvlAQHlO5P8cOb_2IWbZZjT9reWTuyluGqhVEA&sig=Cg0ArKJSzDGPGywYzKXdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230222.55536&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Feb 2023 05:49:18 GMT

GET
H2 200 16962963768266320094
s0.2mdn.net/simgad/ Frame 1B70 33 KB
34 KB 140ms
34ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16962963768266320094

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 17:53:26 GMT
x-content-type-options: nosniff
age: 388552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34175
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:29:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Feb 2024 17:53:26 GMT

GET
H/1.1 200
OK dv-measurements3536.js Show response
cdn.doubleverify.com/ Frame D5BF 555 KB
106 KB 48ms
48ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3536.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 30780bf3c21b05a7eeada22b3169a49d934102323c7302f437e5cad8867e0166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 05:49:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Feb 2023 15:14:41 GMT
Server: Microsoft-IIS/10.0
ETag: "80c6f9395041d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108460

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC42 1 KB
643 B 33ms
33ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 10:57:40 GMT
etag: 48472445140208031
expires: Sat, 25 Feb 2023 10:57:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1B70 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 057cc282163ecfb4f21f6b678d5b1bdf01bbf137dfab7e33a2ad5bfaa564f4a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 05CE 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 563757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:13:21 GMT
expires: Sun, 18 Feb 2024 17:13:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EC42 0
104 B 230ms
79ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM5UBkWMNvhjMLviRMuH3N4&google_cver=1&google_push=Aa02lx_2lj6HHysn46UA44VBqar4ul7GOrts9SCVPT5OqzdOWN0F7UA7aiC7nCHkRlcSLc0n85KBKL3Ud5XtXBi1XO9w8sij_zDZ550
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEsPrN7ZrwizU2jpWwvEvtk&google_cver=1&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9V...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9VDVkJRyR2O8a5a6A

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9VDVkJRyR2O8a5a6A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 25 Feb 2023 05:49:18 GMT
Server: MT3 530 4e92630 master zrh-pixel-x28 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx9QvpV6mkMZ_BKkKgvhhFloYy5N66WPCV_mQD_NELgVM25U9j_cwCiJoe3sXpjJT7mmk714TMpaApx9uf9VDVkJRyR2O8a5a6A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 25 Feb 2023 05:49:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBCuvTt7tRqnmp9c_7qklYI&google_push=Aa02lx-XPgQMF-4qynABRXRtsR4xCn_99gY1P5CjPXIJ-0OonXl_yeNkx_...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBCuvTt7tRqnmp9c_7qklYI&google_push=Aa02lx-XPgQMF-4qynABRXRtsR4xCn_99gY1P5CjPXIJ-0OonXl_yeNkx_4o3kNtdOLhkFXSWtRqRa3eGsRCcIe1m27jMKnnsrTlDds

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677304158.228499,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBCuvTt7tRqnmp9c_7qklYI&google_push=Aa02lx-XPgQMF-4qynABRXRtsR4xCn_99gY1P5CjPXIJ-0OonXl_yeNkx_4o3kNtdOLhkFXSWtRqRa3eGsRCcIe1m27jMKnnsrTlDds
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyR91B17fXMyx0JQq-qDgo&google_cver=1&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVKSkw3STItVC0zV0RW&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2uV82BYrKMv9SOn4GxJkxbMNj65Mg

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVKSkw3STItVC0zV0RW&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2uV82BYrKMv9SOn4GxJkxbMNj65Mg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVKSkw3STItVC0zV0RW&google_push=Aa02lx-p9UITgT77NAs9wm7gcCKFygPojuqcNHHUhqQDLx8rFOFjc5SiDThxP8XGAi1MIoq6Bz2uV82BYrKMv9SOn4GxJkxbMNj65Mg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOnaH3zkxfizeme0_0gwaSU&google_cver=1&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZ...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZv...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU2MDkzODcxMDkzNTAxMzk2NjkwOQ%3D%3D&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU2MDkzODcxMDkzNTAxMzk2NjkwOQ%3D%3D&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZvxNA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU2MDkzODcxMDkzNTAxMzk2NjkwOQ%3D%3D&google_push=Aa02lx-aSDmgT4b9of2JLKiRhTMMNWsAv3tSSwXOgCg4ApztGtMxq-9l1EIJLD3X76yH5uUu3dWnlAWjXIUJqlx0fQvzEpRNxZvxNA
date: Sat, 25 Feb 2023 05:49:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQF...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYwMzI1NTkzMjUxODQ2MTU5Mg%3D%3D&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQFl_lZy5TtM2rP9qEk9...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYwMzI1NTkzMjUxODQ2MTU5Mg%3D%3D&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQFl_lZy5TtM2rP9qEk90Ad1Pj-Uf5h-7aL-MtL3VUrYQRjuuKE_P0O_usRnvdAZa4kSgGlI8rzrZb_1emTzAX8rRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 25 Feb 2023 05:49:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d7800640-9357-41f7-8b81-ed83cc7d0f30
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYwMzI1NTkzMjUxODQ2MTU5Mg%3D%3D&google_gid=CAESENiYLwlJmefuJSE7ShOAf5s&google_cver=1&google_push=Aa02lx85ab3RKbXQFl_lZy5TtM2rP9qEk90Ad1Pj-Uf5h-7aL-MtL3VUrYQRjuuKE_P0O_usRnvdAZa4kSgGlI8rzrZb_1emTzAX8rRg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC42
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOgl39X0d...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOg...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=00d38a9d-658c-472e-8c69-15837c225971&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=00d38a9d-658c-472e-8c69-15837c225971&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=00d38a9d-658c-472e-8c69-15837c225971&%%GOOGLE_PUSH_PAIR%%
date: Sat, 25 Feb 2023 05:49:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC42 0
12 B 30ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuXkYYI4H7yqKKK19wr2RpFZepNNlQEGKkPAZxByT3HdRynu_iGoi_I9j24Fn4IZwPQR3UbV4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 05CE 36 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame D5BF 1 KB
926 B 261ms
33ms Script
text/javascript 213.254.244.109
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=136&ttfrms=26&brid=3&brver=110.0.5481.177&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauDF%3E%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauDF%3E%5D%3A%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1677304158237819&jsCallback=dvCallback_1677304158237530&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3536&tgjsver=3536&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230222%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=6&brh=2&sdf=2&dvp_epl=228&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=http://sum.in.ua/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iPjPEm7pCe12o8tSLPAAka&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=32180591&DVP_DBM_4=347817816&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=43537264818&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3458566603.1358852&dvp_tukv=66317220.292740084&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=595032320244&jurtd=888907438
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3536.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.109 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 1a12fcc9919b2c80b125b01d91bb9c5275b6296c03fcbc51e044e612fd6c3917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:48:21 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 02/24/2023 05:49:18

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B70 0
0 58ms
57ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuItXyYYlQHC5Ff8_C-tqusBv8Gwh0x7rTKoaTjgsctobnu21ANDvPd2xMXxDup-DB9U9WaPjQmv4GrhtN7-7UT-Fhf9Er-GRrUVEK2xGFkIUsUjfwN4TAFFyw76fSYJa52YqrxE1K0sXhyNHAuBodXiok&sai=AMfl-YRcfuNW6if4JqYyYsWd1_4SZmKDnDUNlV9QLDQDYaWsUnWVFJE-xEBv3sbsTWc_LvlAQHlO5P8cOb_2IWbZZjT9reWTuyluGqhVEA&sig=Cg0ArKJSzDGPGywYzKXdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20230222.55536&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 05:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Feb 2023 05:49:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05CE 0
21 B 69ms
68ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDs4EXqH5Y7Fdt5f27w_luL_gDwAAAAA4AeAEAg&bg=!8fKl8qbNAAZYlHKzeJQ7ADkAdvg8WpcgJ_5JCuW-LUVktZDukfs8agJa5WOctR9vKI6oXNAZKApDsZB-3WYlmn0X3wQ0naIL8AkCAAAAhlIAAAADaAEHmQLpGTOwb1QsRY4tpQGAQtIlO3xwRc7dQ_NQvKFgJzff0z2pz_7YGbyX_JWIAxmjVLSBNBUQAFpisP2_3jhN3SWXkDpUlvRE9PQA2Lset5YGcGKf7kr46Flmr2Pd0qQO5Np97x1sX3hkeyBfu5tJ6tNpZZzZLo4bPpm2bQCU3GT835g4Q5EbMKkh_DaK1xTuY0vcb0kwMT83YQonTDesGMnAP81dJWeIwJwrtCA1iQc3Oj0NUXv-KNhm4yreCx5eMgouGUYn-LYEIzWS-Nug8-Y-DLoFGWfYvTpEQcZE3lVI6sd9_lnWr7yor5h4dC0J5fZw3gyIIPowvVuZgt0KocKutxPlJ4gBrhfFNII2Jz5VJG2brgH0r06k0GUakW4Eai56LW3pVusLEL9VMeD60cVm7rpbwo0ni96aJaJ_CyOPEGKceOueyqiE19G-ip1sFp6uCB2sguDUMJhG2CtNVkHib8zqeJBejBg5NsHQr1rGI0wdrXUIlcdbrqwAFRlCWyOPja9HMK4AuC8NonOa7hBryrr2YTfq_MM-ZnxorZBc5K4BXEpR8lNVIfTt-116VEVlOdxOrfmZOULs-I0LlkCZssI_xsew22PsSEjs1rVvqcVODhmRO_CbpBrrFk-uQJmxCDKEKGW1Qp0SdpVjrBWYmVbFV1kI-6P69TeJgaSBDLdBdauYGvM2uOfR2-2yVwci0-9rPMEx6211hmA7KZSzQWM3oA4TwUIwaAyashkWYHPB9GIaeuIIRr_XTmRmF8ZG-oGe6wLShbK4MKYuz7mlHi8zhMBJWMmsxLg2VLAAWK3mK5AUDwULREayi8VMY48qSfvVzMrnG3O-20v8qYY1oerJvJ2sccqTppuVvZ5viq4sM8KSbkoiqtk94Z9hyqfmOtnH-8wGKogh3NIYNyrHoINkaKM2d3viiSyWujQ0uXFQOIyiNh1nkzDE1aNIS_zmY5cH6h3PF_trzqMEpt02IPIDcJtA4RWKeA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame D5BF
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=8406bceba5b64db2b7e9a102f56771a1&dup=&eoid=1000&cbust=1677304158506848
https://tpsc-frc.doubleverify.com/event.png?impid=8406bceba5b64db2b7e9a102f56771a1&akipv6=2001:1b60:2:240:3247::6&dup=&eoid=1000

0
138 B

111ms
21ms

Image
text/plain

213.254.244.109
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=8406bceba5b64db2b7e9a102f56771a1&akipv6=2001:1b60:2:240:3247::6&dup=&eoid=1000
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Server: 213.254.244.109 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 05:49:18 GMT
Cache-Control: max-age=0
Expires: 02/24/2023 05:49:18

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=8406bceba5b64db2b7e9a102f56771a1&akipv6=2001:1b60:2:240:3247::6&dup=&eoid=1000
Date: Sat, 25 Feb 2023 05:49:18 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B70 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxas4PipTzzbDwiPT2cUhkOefBDPrhsj2mdZxGbyWVJxjclgnp5oAlYq7e5XIz4LAxbgvbMyOfm1zLn1lBGYHm9ltxi7GjvoLeiGPys7Uu9wEOoZXQorPwpVmokt49mF4XIctEnA&sai=AMfl-YSaUSgJEVHZZ2YlMrrMQgz_CdVnUlH9___Kbu0Sioz-Xmksas1Wemluqu1w-Z65VhQZBSgEdvzX-dYr1a6MY_lINFgc0bVcAIflzKsk7_dMaPlsRZO19fuNxBZQ&sig=Cg0ArKJSzPp0rjV6ogHDEAE&cid=CAQSPADUE5ymILK2FrPL9RM8dbnHU3BrPSg1gLNBuP_YD3cJP-JYhZfbYMvOYjxhsOTSWuiJDw0YNCJPtCy7NhgB&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1677304157110&rpt=1162&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B70 42 B
64 B 66ms
66ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoMn5sIEGpYa-MTY6iNyiphWaEHuAOyQ2xi1WLAV9Jk9t-wTrS9eXT1wpV1ZYtQ1kOwuiqZC2pDC0GSHch3EhsIWSWzKap&sig=Cg0ArKJSzOvSg2LFYpGKEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2432479424&rs=6&la=0&cr=0&vs=4&r=v&rst=1677304157110&rpt=1165&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B70 0
21 B 65ms
65ms Ping
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6230331846921&version=m202301230201&ct=77&x=1&cor=5188509570247657000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 05:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sum.in.ua/	1970-01-20 09:55:07	Name: kohana Value: guvq9cq6d1kv8okc061anrmak3
sum.in.ua/	1969-12-31 23:59:59	Name: b Value: b
.i.ua/	1970-01-20 09:55:05	Name: __cf_bm Value: PDeH.EUdOL1gX8lOVAMhkmd5Y.2KRYkBz.W48e4xb1g-1677304155-0-ATvJRJnBnRs3CI60Pqcg3DiuZzRfXLdb2Z4AqT39ievdqDFd9fQd96O8Bydi9txy41w+EE9RP8uCQ15uKpTgaUg=
.yadro.ru/	1970-01-20 18:40:08	Name: FTID Value: 1Z-Q5R2b1a8V1Z-Q5R003M3Y
.yadro.ru/	1970-01-20 18:40:08	Name: VID Value: 1LBdSn1ytPeV1Z-Q5R003M4I
.sum.in.ua/	1970-01-20 19:16:40	Name: __gads Value: ID=b99de7d79410aa72-2289badf22dd00d8:T=1677304155:RT=1677304155:S=ALNI_MYzww1AYkhtCD0yhfBrQfkQpd3mRg
.sum.in.ua/	1970-01-20 19:16:40	Name: __gpi Value: UID=00000bbbedc477b3:T=1677304155:RT=1677304155:S=ALNI_MZi0WUZoUU-yMeKHk1AcidgJQ7Pdw
.doubleclick.net/	1970-01-20 19:16:40	Name: IDE Value: AHWqTUkjJGDcGL78Y2ev1ppY7hwySr9Zv5nwJMUTlR_sgrdvIzIIyClevJTeVmS7snU
.adnxs.com/	1970-01-20 12:04:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUhu%D/O!@wnfH8K6pQK`!5=E<L5?%K91.$R2/!1xCkB$_i]QGxc1J95W8nHFGoj'bpRzqF1`b_Ba*/$]k
.adnxs.com/	1970-01-20 12:04:40	Name: uuid2 Value: 2603255932518461592
.casalemedia.com/	1970-01-20 18:40:40	Name: CMID Value: Y-mhXZO8A5Yk19WVi32GugAA
.casalemedia.com/	1970-01-20 12:04:40	Name: CMPS Value: 3223
.casalemedia.com/	1970-01-20 12:04:40	Name: CMPRO Value: 3223
.3lift.com/	1970-01-20 12:04:40	Name: tluid Value: 3560938710935013966909
.everesttech.net/	1970-01-20 18:40:40	Name: everest_g_v2 Value: g_surferid~Y-mhXgAH-jIIXABh
.bidswitch.net/	1970-01-20 18:40:40	Name: tuuid Value: 00d38a9d-658c-472e-8c69-15837c225971
.bidswitch.net/	1970-01-20 18:40:40	Name: c Value: 1677304158
.bidswitch.net/	1970-01-20 18:40:40	Name: tuuid_lu Value: 1677304158
.mathtag.com/	1970-01-20 19:20:59	Name: uuid Value: e0a563f9-a15f-4700-8cef-b7ab5028ac06
.mathtag.com/	1970-01-20 10:38:16	Name: mt_mop Value: 4:1677304159

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8755740694848073&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8755740694848073&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
c.hit.ua
cdn.doubleverify.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.i.ua
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.i.ua
rtb0.doubleverify.com
s0.2mdn.net
secure.adnxs.com
sum.in.ua
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.3.81
142.250.185.162
142.250.185.230
142.250.186.34
151.101.66.49
185.29.132.245
185.80.39.216
185.89.210.141
185.89.210.244
195.242.161.64
213.254.244.109
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200a
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.149.12.213
52.28.147.41
69.173.144.139
76.223.111.18
88.212.201.204
88.212.202.52
89.184.81.35
057cc282163ecfb4f21f6b678d5b1bdf01bbf137dfab7e33a2ad5bfaa564f4a5
09462e959a3ba09daaa71e813a7375fe25fe24c44533bfd71b8ab109ce7377e9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
11e03c6e2ff4cc7f90ac5da7cc0abc07e80c0117f778a128d1f4d3b035dfb784
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f
1a12fcc9919b2c80b125b01d91bb9c5275b6296c03fcbc51e044e612fd6c3917
28e1dff6111115a71001c4483e3eb617ca51b1f0e0ece9972fb9464021b7b2e8
30780bf3c21b05a7eeada22b3169a49d934102323c7302f437e5cad8867e0166
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0
4b0a4a2fab96b7c178fe8bd3409fe70d2b770e3683c3392e273c2277a7089745
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5851da0728ca1ed1f661c31af12e7c5731230af08613c1a6d2654befe4f7a697
5a5a6f2a04e9ddc3540923e941b464647419713742e15d97ec6bd947b0223f2d
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b072d43716a38a1bddec34708a78c44b52a9844eaa3269d3e76cb4c35e25227
6d25c1070f595425708f5e33f7c5a0108498ab4ac3a5ef7e13da0c83c802a12c
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974
79a6714763fedcd249ecd9d8e83cc1c98d406fa1d1e40e28331d8d4bc11eedc7
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
8294f47c10ab9172680f9bba780fecd122dbec7acc578a6973704c97903a8915
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8768d92ce33d07678ead960c4b6fcd7ee24e5f8e17beffcffdbbd2cac4df03dd
8b245f9c350ba1a330371b0543ed21d28d333ccbef11e737cfd65e48a351fc78
8ca436a820fd812f1bf4e027e89b5e401e1408c0194a543d9c55480b93a641c5
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
96e0bc90144b8c11d75104fbb9cd2d58f98b30a2539f2fbe2e26a422ce3ebf0c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a124b43d0fc2866b9a28b53c8b4c1b087a7f5fce030936a82cb46df72e5bafd6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4701a1c8f69f4fc06ec45b93b3135d5e6965b328c4a6c01c99614df33d7cf28
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c774c517aed5e5049f61878079accbea5c3741fbe94583ce6e7d3f979d217bc6
c7ac826bc27556c47baa1cc2c458606008e6ccda29e6ac7df3d44d30ad4fee06
c914e8d3014b5159ebffe41af960dc39589d1be00d5c692776a70bab3942e01d
cdd457afb3ef6829e5d66e89388fc9909fdcc29d2d4db5a7a168161eed335fb4
d713d9913b73b947594c2ee73d0ab5964fbdbfd93641a265660e0ec54e24993e
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

sum.in.ua Open in urlscan Pro 195.242.161.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

77 %HTTPS

45 %IPv6

24 Domains

35 Subdomains

27 IPs

9 Countries

1124 kBTransfer

3026 kBSize

20 Cookies

3 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

77 %
HTTPS

45 %
IPv6

24
Domains

35
Subdomains

27
IPs

9
Countries

1124 kB
Transfer

3026 kB
Size

20
Cookies

97 HTTP transactions
2 data transactions