www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pravda.com.ua/
Effective URL:
https://www.pravda.com.ua/
Submission: On August 18 via api (August 18th 2022, 2:00:50 am UTC) from GB — Scanned from GB

Summary HTTP 177 Redirects Links 84 Behaviour Indicators

Summary

This website contacted 55 IPs in 14 countries across 35 domains to perform 177 HTTP transactions. The main IP is 107.178.251.122, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.pravda.com.ua. The Cisco Umbrella rank of the primary domain is 61810.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on July 14th 2022. Valid for: a year.

This is the only time www.pravda.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	107.178.251.122 107.178.251.122	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e01::883:1	200325 (BUNNYCDN) (BUNNYCDN)
21	34.111.239.200 34.111.239.200	15169 (GOOGLE) (GOOGLE)
1	95.217.4.138 95.217.4.138	24940 (HETZNER-AS) (HETZNER-AS)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
7	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	3.121.203.249 3.121.203.249	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
6	188.40.115.111 188.40.115.111	24940 (HETZNER-AS) (HETZNER-AS)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 2	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
37	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.47.209.6 23.47.209.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:e5d2:c58:d552:4f0b	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.245.179 72.251.245.179	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.203.133.218 52.203.133.218	14618 (AMAZON-AES) (AMAZON-AES)
177	55

12 107.178.251.122 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 122.251.178.107.bc.googleusercontent.com

pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e01::883:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.111.239.200 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 200.239.111.34.bc.googleusercontent.com

img.pravda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.4.138 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.4.217.95.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.203.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-203-249.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.40.115.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.111.115.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.125.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.209.6 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-6.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:e5d2:c58:d552:4f0b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.133.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-133-218.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	313 KB
21	pravda.com img.pravda.com — Cisco Umbrella Rank: 120754	3 MB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	183 KB
12	pravda.com.ua 1 redirects pravda.com.ua — Cisco Umbrella Rank: 58659 www.pravda.com.ua — Cisco Umbrella Rank: 61810	309 KB
11	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 519 eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel.rubiconproject.com — Cisco Umbrella Rank: 327	15 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 304 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260 s.amazon-adsystem.com — Cisco Umbrella Rank: 282	47 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	62 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	2 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456 r.casalemedia.com — Cisco Umbrella Rank: 778 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	7 KB
7	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16174 tt.onthe.io — Cisco Umbrella Rank: 13100	23 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 54085 ls.hit.gemius.pl — Cisco Umbrella Rank: 14568	19 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 759 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	8 KB
4	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1019 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488 ads.yahoo.com — Cisco Umbrella Rank: 2295	2 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604	33 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 100326	185 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	209 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	115 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 3830	563 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594 cdn.indexww.com — Cisco Umbrella Rank: 1405	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	57 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 617 eb2.3lift.com — Cisco Umbrella Rank: 418	649 B
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2604	1014 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 141764	25 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 984	99 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 743	759 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1500	408 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 592	98 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	732 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	40 KB
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 420484	169 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5357	288 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8747	432 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3944	490 B
177	35

	Domain	Requested by
37	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.pravda.com.ua 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com tpc.googlesyndication.com
21	img.pravda.com	www.pravda.com.ua
11	www.pravda.com.ua	www.pravda.com.ua
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.pravda.com.ua
6	www.google.com	1 redirects www.pravda.com.ua securepubads.g.doubleclick.net tpc.googlesyndication.com 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
6	tt.onthe.io	cdn.onthe.io
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.pravda.com.ua
5	token.rubiconproject.com	5 redirects
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	1 redirects r.casalemedia.com um2.eqads.com
4	cm.g.doubleclick.net	1 redirects r.casalemedia.com
4	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
4	gaua.hit.gemius.pl	1 redirects www.pravda.com.ua gaua.hit.gemius.pl
4	cdn.membrana.media	www.pravda.com.ua cdn.membrana.media
4	www.googletagmanager.com	www.pravda.com.ua www.googletagmanager.com
3	ib.adnxs.com	cdn.membrana.media acdn.adnxs.com
3	www.googletagservices.com	www.pravda.com.ua securepubads.g.doubleclick.net 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
2	um2.eqads.com	1 redirects r.casalemedia.com
2	s.amazon-adsystem.com	1 redirects r.casalemedia.com
2	match.adsrvr.org	r.casalemedia.com
2	pixel.rubiconproject.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	googleads.g.doubleclick.net	3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	www.pravda.com.ua
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	inv-nets.admixer.net	cdn.membrana.media
2	c2shb.ssp.yahoo.com	cdn.membrana.media
2	fastlane.rubiconproject.com	cdn.membrana.media
2	s.zmctrack.net	www.pravda.com.ua
1	cdn.indexww.com	r.casalemedia.com
1	sync.taboola.com	r.casalemedia.com
1	p.rfihub.com	1 redirects
1	cm.adgrx.com	r.casalemedia.com
1	id.rlcdn.com
1	ads.yahoo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	r.casalemedia.com	js-sec.indexww.com
1	ssum-sec.casalemedia.com	1 redirects
1	acdn.adnxs.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	mug.criteo.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	region1.google-analytics.com	www.googletagmanager.com
1	loadercdn.net	www.pravda.com.ua
1	ghb.adtelligent.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	cdn.onthe.io	www.pravda.com.ua
1	pravda.com.ua	1 redirects
177	61

This site contains links to these domains. Also see Links.

Domain
www.epravda.com.ua
life.pravda.com.ua
www.eurointegration.com.ua
forum.pravda.com.ua
blogs.pravda.com.ua
www.istpravda.com.ua
tabloid.pravda.com.ua
dostup.pravda.com.ua
www.facebook.com
promokod.pravda.com.ua
club.pravda.com.ua
www.youtube.com
bit.ly
twitter.com
t.me
www.instagram.com
interfax.com.ua

Subject Issuer	Validity	Valid
*.pravda.com.ua Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn.membrana.media R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.pravda.com Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
loadercdn.net R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.pravda.com.ua/
Frame ID: 009A941B6A8CA751B3F00636CECB81E9
Requests: 104 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: DD6D7FE511DEE1A3D38ACB81B0F71A34
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: F6A9B1BB4F4233C857CB76BEA6ACE13F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t
Frame ID: BF2EAB30365DDB1FDC57811A8FE62B56
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 42CAC30882280B571A2EF782B97CB4ED
Requests: 1 HTTP requests in this frame

Frame: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56AE8ECCD1767B3B4FCC439260B620D6
Requests: 1 HTTP requests in this frame

Frame: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 771B9930CA638096A1582A056D8255D0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA_-ekl9xNBwZ450MtrdTS0HnH4gIXGo5kgZKkOasswpHqLyebbg1BSSILn3pe3wbGrQd9yTvj7R3lQ0QsuYWY6kmo8v1JOATyAqr9dYR3o7Dods-jtWKdE9qAmhqOQtO3a8rlfNWytXeTf8waXnYwU7AZZfOYE9brqYcc2UAwTXWycNek29fJdZDR2QGQs9f-f-V8mlr30AVXvx_KElR7_PI4pav6KvfhOmAzRBMXd8G8xkny0ROEB_kiyg54bKhVEGVwgPTYXV_t7UIHuvwg2cyjOHiGkZJWDaNkTikTnHzYkoyFcf6YqJjg-CTma67d&sai=AMfl-YRe9qUQKqKoE-Ct14jNHs5SVr2QfXfa0PB6Z6XuFDWWBDnTMnh2gwItjFN4EyXeGYje_dx1XrbQ6CQDhRDP3a82O1fU_Cx_53BMp8JaXBObUc1bPZDFEXlB90aHfwLYSw&sig=Cg0ArKJSzJZnrEMfMTq0EAE&uach_m=[UACH]&adurl=
Frame ID: F7AD58AA0996CCFE01195C98F2741F0C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html
Frame ID: 3783F5624B981E2898458F02FBFD276A
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB88F43D359DECB4D8DDEDE28A87A0A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 150B2B2FA0BD789C6D944F762F694EAB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua
Frame ID: 7B8AC9012DD3B2ACC1C5E65233F89F9E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FFE4CBCE55DB908875BA8DA6B7FEED25
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0E8C0E49CF1E104CDD5FC9FD72528E32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 58B933287D80B5F6A2B4F0CF6F05F0DD
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 18FE883680F799E6B310213798D79BB9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FFA9520B076E8BEF8EE70FAA7B8AB9FD
Requests: 3 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 991664181FE609529F3D779A4F20460A
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 96A57209AD3F25FD0934163EC0FC58AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Українська правда - новини онлайн про Україну

Page URL History Show full URLs

http://pravda.com.ua/ HTTP 301
https://www.pravda.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

177
Requests

94 %
HTTPS

40 %
IPv6

35
Domains

61
Subdomains

55
IPs

14
Countries

4476 kB
Transfer

7076 kB
Size

49
Cookies

84 Outgoing links

These are links going to different origins than the main page.

URL: https://www.epravda.com.ua/
Title: Економіка

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/
Title: Життя

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/
Title: Європа

Search URL Search Domain Scan URL

URL: https://forum.pravda.com.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/
Title: Блоги

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/
Title: Історична правда

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/
Title: ТаблоID

Search URL Search Domain Scan URL

URL: https://dostup.pravda.com.ua/
Title: Доступ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ukrpravda/shop/?ref_code=mini_shop_page_card_cta&ref_surface=page
Title: UP Shop

Search URL Search Domain Scan URL

URL: https://promokod.pravda.com.ua/
Title: ПРОМОКОДИ

Search URL Search Domain Scan URL

URL: https://club.pravda.com.ua/?utm_source=main&utm_campaign=pravda_button_ukr
Title: Клуб УП

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/projects/proftech/2022/05/10/248513/
Title: Бізнес, нове обладнання та навчання педагогів. Чому розвиток профтехосвіти критично важливий під час війни

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/04/25/686166/
Title: Якщо необхідно допомогти близьким та Україні: п’ять зручних сервісів для переказу грошей

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/02/17/247472/
Title: П’ять чотири вісім вісім. Законопроєкт, який покликаний побороти нетерпимість

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/project/2022/bridges/article_21.html
Title: Як українці ставляться до своїх західних сусідів: стереотипи та прагнення

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/02/15/682219/
Title: Банк нашої незалежності, або 30 років Ощадбанку: як змінилося фінансове життя українців

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690493/
Title: П'ятий енергоблок Рівненської АЕС хочуть збудувати до 2032 року

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/projects/know-hiv/2022/08/16/250033/
Title: СПЕЦПРОЄКТЗапобігти ВІЛ. П’ять запитань і відповідей про профілактику ВІЛ

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690535/
Title: Економічні новини 17 серпня: Боголюбов відсудив у Приватбанка готель "Мир"

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/17/250057/
Title: "Українською, будь ласка": у Дніпрі депутати ухвалили програму українізації

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690539/
Title: Bloomberg: Apple презентує iPhone 14 на початку вересня, що в ньому нового

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/culture/2022/08/17/250055/
Title: У Держкіно заявили, що не ліквідуватимуть Довженко-Центр, однак значно скоротять його функції

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690538/
Title: "Нафтогаз" знову не отримав згоди інвесторів на відтермінування виплат за зовнішнім боргом

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690536/
Title: "10-10-10": у Зеленського розкрили деталі можливої податкової реформи

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/17/250053/
Title: Раді пропонують дозволити звільняти від служби військових, у яких під час війни народилася третя дитина

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690534/
Title: Україна готується до опалювального сезону: план виконали на 73%

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690532/
Title: Посилки до Польщі стануть дешевшими та оперативнішими: оператори підписали меморандум

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690530/
Title: Повернення акцизу на пальне не вплине на ціни на АЗС – Мінекономіки

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/17/250052/
Title: Дзеркальні краплини єдності: у Києві встановлюють артоб'єкт з Харкова

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690529/
Title: Німецький НПЗ, який залежав від РФ, тепер використовує нафту зі США – Bloomberg

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/17/690528/
Title: АМКУ оштрафував КМДА та Київтранспарксервіс за завищені тарифи на паркування

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ouLQCcdV4T0
Title: Тарас Чмут – контрнаступ, Притула, Залужний, Арестович, сценарії війни

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/08/9/690134/
Title: Благодійні проєкти аптеки "Подорожник", що рятують життя

Search URL Search Domain Scan URL

URL: https://club.pravda.com.ua/?utm_source=site&utm_campaign=pravda_banner_1

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/health/2022/08/17/250042/
Title: "Перші кроки на протезі хочу зробити у шортах". Як пацієнти отримують штучні кінцівки в Україні

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/08/17/690436/
Title: Грант на бізнес. Як і де отримати безповоротну фінансову допомогу на підприємництво

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/08/17/690517/
Title: Три по 100: хто найбільше постраждає від повернення акцизів на пальне

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/articles/2022/08/17/7145121/
Title: Сербська відмова для Путіна: чи буде на Балканах військова база РФ

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/08/16/690364/
Title: Росії не вдасться приховати злочини. Як стартап за допомогою AI рахує знищене житло українців

Search URL Search Domain Scan URL

URL: https://bit.ly/3BFAszG

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/08/16/690447/
Title: Курс долара +10%: для чого країні новий податок на купівлю валюти

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/08/15/690410/
Title: Податкову амністію продовжили ще на пів року, але українці не декларують статки. Що буде далі?

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/experts/2022/08/17/7145138/
Title: Боротьба за танк: як Естонія декомунізувала головний символ радянської окупації

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/columns/2022/08/15/161673/
Title: Перша гібридна війна Росії

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/columns/2022/08/17/690483/
Title: Нерухомість: які корзинки обрати для складання яєць

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/columns/2022/08/16/161676/
Title: День народження російської вченої як державне свято України

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/columns/2022/08/17/690474/
Title: Що відбувається з ринком аграрної землі на шостому місяці війни

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/authors/horbach/62fd3d7c84221/
Title: Правда не послабить наші позиції на фронті. Правда їх посилить.

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/authors/viatrovych/62fd39cfc1614/
Title: Коли Росія звернула не туди?

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/health/2022/08/16/250030/
Title: На Київщині виявили випадок захворювання на лихоманку Західного Нілу: що це за недуга і як передається

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/16/250032/
Title: В Україні оновили шкільну програму у зв'язку з війною

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/culture/2022/08/16/250031/
Title: У кінотеатрах Києва до Дня Незалежності безоплатно покажуть українське кіно

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/16/250029/
Title: У Норвегії розгорівся скандал через вбивство популярної серед туристів моржихи Фреї

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/culture/2022/08/15/250021/
Title: "Маркер російської окупації": з фасаду КНУ Шевченка зняли меморіальну дошку Булгакову

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/lounge/62fcf8a0131af/
Title: Білодід похизувалася спортивною фігурою на тлі гір. ФОТО

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/focus/62fcfb0e9e873/
Title: Усик у костюмі козака заспівав "Червону калину" на пресконференції з Джошуа. ВІДЕО

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/lounge/62fcf105777cc/
Title: "Відчуваю себе по-особливому": Огнєвіч зачарувала мережу жіночним образом

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/focus/62fce2b12391c/
Title: "Просто божевілля": Седокова гнівно звернулася до колишніх чоловіків та їхніх нових жінок

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/8/249908/
Title: "Військовими" мізками розумієш те, що не зміг би прийняти "цивільними". Історії травматолога з військового госпіталю

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/3/249854/
Title: Сім’ї загиблих військових можуть отримати 15 млн компенсації від держави. Як це зробити?

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/28/249746/
Title: Що ви знаєте про Хрещення та державотворення Русі? ТЕСТ

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/25/249702/
Title: Порше Україна та Volkswagen передали автомобілі для надання психологічної допомоги

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/21/249626/
Title: Що ви знаєте про Степана Бандеру та міфи довкола нього? ТЕСТ

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/20/249619/
Title: Тільки чорний гумор і рятує. Будні бойової медикині "Мами Ріти"

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/17/249555/
Title: Свідки найбільшого болю і щастя. Як подружжя весільних фотографів з Одеси знімає війну

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/07/15/249554/
Title: Стягувала мертвих з машини, щоб допомогти живим. Фронтові історії бойової медикині

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/05/13/686988/
Title: Lenovo та Xiaomi тихо йдуть з Росії. Huawei, Alibaba, Tencent наступні?

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/05/12/686976/
Title: Закон про конфіскацію майна росіян і білорусів ухвалено: як це буде працювати

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/05/12/686941/
Title: Вільні прайси, безкоштовні обіди і плани з розширення. Як малий бізнес повертає до життя Ірпінь

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/05/11/686903/
Title: Російська нафта за 10 доларів. Як це можливо?

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/08/17/7145155/
Title: "Озбройте Україну, доки не пізно": дипломати, експерти і військові закликали Байдена діяти рішучіше

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/08/17/7145154/
Title: РФ просить в Естонії “ватний танк”, замах на королеву Британії, КНДР запускає ракети: новини дня

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/08/17/7145153/
Title: Кулеба й Блінкен скоординували подальшу підтримку України зброєю

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/08/17/7145152/
Title: Греція звинуватила Туреччину у перетворенні мігрантів на зброю

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161333/
Title: Окупанти прив'язали червоний прапор на половецьку бабу

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/artefacts/2022/05/13/161332/
Title: Українці - військовополонені у Аушвіці: невідомі мученики

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161331/
Title: Оприлюднено імена лауреатів «Книжки року’2021»

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161330/
Title: Презентовано Міжархівний пошуковий портал

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Ukrainska-pravda/114351485246187

Search URL Search Domain Scan URL

URL: https://twitter.com/UkrPravda_news

Search URL Search Domain Scan URL

URL: https://t.me/ukr_pravda

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChparf_xrUZ_CJGQY5g4aEg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ukr_pravda/

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pravda.com.ua/ HTTP 301
https://www.pravda.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

Request Chain 98

https://gaua.hit.gemius.pl/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9vCMp3ghVbTxvSwXC37fzp9c06g3PKgIxJlNJo9mtqD.h7BmPEOfdo5OHFjZJQKRxPVB1wF7dHiUDguAo8zWFWnzw9Xz/fPgnvhQ.GQeAt/&ltime=293&fpdata=TQHXRFATXE3PCBZ4rm5zbMZBqKZJZRhaM.88uFu2Wbz.M7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9vCMp3ghVbTxvSwXC37fzp9c06g3PKgIxJlNJo9mtqD.h7BmPEOfdo5OHFjZJQKRxPVB1wF7dHiUDguAo8zWFWnzw9Xz/fPgnvhQ.GQeAt/&ltime=293&fpdata=TQHXRFATXE3PCBZ4rm5zbMZBqKZJZRhaM.88uFu2Wbz.M7&fpcap=

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bF-LcHw5ckVUU3d3eGJnSWViSm5NZnZnRXJXQVJrNVBTSEgva2hlRzZYRENDOUhhdnpqa1piMHZHZ1lOVDBpckJhVDlwT0pSWE12UmtvUGQ4UVAvdkZwMjB3TjArUmt3cjZvcjdXZlMxc0JOZW5EU0k4VFR5Z3Vsb0JnWFlDL0xZMGxVWUNya1Q3ZzNyNmV1Y2R1NEZ3MmFtZXhZUTc4ME0vRXNKSjNaQmJpeWlETE9XL25ueWJzamdJMGZDNUNuajZDWWpCNHRSNnFvdExxT3pYUDFsaHhERTFkK2wzaGNEcGdFUTlmOWF2SUppUFpnc2c5aHEvYjJyb0MxbFdqV0JHejdBNkw5NlVFU2hacmlzWHIvM0szR0doZz09fA&cppv=2

Request Chain 169

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 170

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6YEBKLN-17-43ST

Request Chain 171

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/5O7XW3Y9gD5ZfukzsQ4eG8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5405878152503863265

Request Chain 172

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6YEBKLN-17-43ST&sigv=1&esig=2~a88ef5d18f1ad7f32d118823eb581139a39156c4

Request Chain 174

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2VhZWY2NjExODA2Y2RjYWViMzcxNGZhM2MzMmFiNGVjM2ExMWQ3YQ

Request Chain 175

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZZRUJLTE4tMTctNDNTVA==

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB&dcc=t

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv2dUCG270LESB3yk7jTLgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqYIVsbND6mVQpw362t61Q&google_cver=1&gdpr=1

Request Chain 183

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559724146964683

Request Chain 186

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

177 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pravda.com.ua/
Redirect Chain

http://pravda.com.ua/
https://www.pravda.com.ua/

224 KB
55 KB

180ms
62ms

Document
text/html

107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

8957725b4a2c6f363f8ec89bf369c011beca10c776cabe4733c0a7fadd84af6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: must-revalidate,no-transform,public,max-age=15
content-encoding: br
content-type: text/html; charset=windows-1251
date: Thu, 18 Aug 2022 02:00:43 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 162
Content-Type: text/html
Date: Thu, 18 Aug 2022 02:00:43 GMT
Location: https://www.pravda.com.ua/
Server: nginx
Via: 1.1 google

GET
H2 200 firasans-extrabold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 76ms
73ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-extrabold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

fc305fdfcc002fdfa3b77fbe4a4d50a0bcc6fd4f3ae66ab869762eba12100095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 04:29:34 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
age: 1027869
x-frame-options: SAMEORIGIN
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
vary: Accept-Encoding
content-length: 64908

GET
H2 200 firasans-regular-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 137ms
135ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-regular-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

5bcf40695e94fad0412955244b79a9de0b41c7d8f94f7b95aa53013f4e6f8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 04:29:13 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
age: 1027890
x-frame-options: SAMEORIGIN
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
vary: Accept-Encoding
content-length: 64680

GET
H2 200 firasans-bold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 64 KB
64 KB 166ms
164ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-bold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

27f4eb20513cb49452d33d3d5a4fe5552e359026114da038e235ebf373b9bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 04:29:09 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
age: 1027894
x-frame-options: SAMEORIGIN
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
vary: Accept-Encoding
content-length: 65148

GET
H2 200 index.css
www.pravda.com.ua/misc/v6/ 176 KB
22 KB 122ms
121ms Stylesheet
text/css 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/index.css?29
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 70bf32bcb4c0ab5cfd8d6b03dd1178dd6d424f91547f8065fd600c32275862c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 09:05:36 GMT
via: 1.1 google
last-modified: Mon, 18 Jul 2022 13:53:28 GMT
server: nginx
age: 60907
etag: W/"62d565d8-2c19d"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21971

GET
H2 200 jquery-1.12.4.min.js Show response
www.pravda.com.ua/misc/v6/ 95 KB
32 KB 152ms
151ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/jquery-1.12.4.min.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 13:55:04 GMT
via: 1.1 google
last-modified: Mon, 17 Feb 2020 12:57:31 GMT
server: nginx
age: 561939
etag: W/"5e4a8dbb-17b8b"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32724

GET
H2 200 sticky-kit.js Show response
www.pravda.com.ua/misc/v6/ 8 KB
2 KB 164ms
163ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/sticky-kit.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:25:45 GMT
via: 1.1 google
last-modified: Tue, 21 Mar 2017 03:30:03 GMT
server: nginx
age: 624898
etag: W/"58d09e3b-218d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1942

GET
H2 200 common.js Show response
www.pravda.com.ua/misc/v6/ 7 KB
1 KB 165ms
164ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/common.js?8
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 18:20:10 GMT
via: 1.1 google
last-modified: Mon, 17 Jan 2022 13:47:05 GMT
server: nginx
age: 200433
etag: W/"61e57359-1a94"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1413

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 177ms
62ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ae8d628a390b92b088a2124d91b96f52682a743e39b8160dadf3dd0e478d7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41887
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H2 200 jquery.sticky.js Show response
www.pravda.com.ua/misc/ 8 KB
2 KB 174ms
174ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/jquery.sticky.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 06:20:37 GMT
via: 1.1 google
last-modified: Sun, 18 Oct 2015 23:19:33 GMT
server: nginx
age: 589206
etag: W/"56242905-2064"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2094

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
29 KB 178ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eed1f473c4f13ea403c87486f2bea8a957f587fb4ed1f110d5cd43cda2d51ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28691
x-xss-protection: 0
server: sffe
etag: "1307 / 60 of 1000 / last-modified: 1660780980"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/upr/ 368 KB
114 KB 183ms
48ms Script
application/javascript 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/upr/ym.js?v=5
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: 6b9455bfadc8c53d61e4342101a637e924f572b54e49a4761bca79129a1560fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 252
cdn-storageserver: DE-198
cdn-cachedat: 08/16/2022 07:23:43
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Tue, 16 Aug 2022 07:22:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62fb45ce-5c0f5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 5441d08ed929872a70a99711d03af055
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 c6ddd31-clipboard01.jpg
img.pravda.com/images/doc/c/6/ 10 KB
10 KB 287ms
167ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/c/6/c6ddd31-clipboard01.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

23a9684e7e6f917fad38a96337a0ee48eb3b0a2e7bdb6cbac5fa450cc725e354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 19:43:02 GMT
server: nginx
x-content-type-options: nosniff
age: 22585
date: Wed, 17 Aug 2022 19:44:19 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fd44c6-295f"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10591
x-xss-protection: 1; mode=block

GET
H2 200 a1627e3-b4-1240-original.png
img.pravda.com/images/doc/a/1/ 382 KB
383 KB 407ms
288ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/a/1/a1627e3-b4-1240-original.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

89adb1de8feda64e6f2024544d45054fd5cfa9c415c1791babb97639e4ca9d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 10:40:33 GMT
server: nginx
x-content-type-options: nosniff
age: 54900
date: Wed, 17 Aug 2022 10:45:44 GMT
content-type: image/png
cache-control: max-age=5184000,public
etag: "62fcc5a1-5f8e2"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391394
x-xss-protection: 1; mode=block

GET
H2 200 0e6cb24-telegram-3-original.png
img.pravda.com/images/doc/0/e/ 22 KB
22 KB 398ms
279ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/0/e/0e6cb24-telegram-3-original.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

70bb5b87e6b41923f882a39c3b7b3ecdd1a8818c6e1b3f145700ed40943be567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Jul 2022 12:14:06 GMT
server: nginx
x-content-type-options: nosniff
age: 654239
date: Wed, 10 Aug 2022 12:16:45 GMT
content-type: image/png
cache-control: max-age=5184000,public
etag: "62cc140e-5888"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22664
x-xss-protection: 1; mode=block

GET
H3 200 cabinet.js Show response
www.pravda.com.ua/misc/ 16 KB
3 KB 55ms
54ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/cabinet.js?6
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 92018f774b7672c3c6b14261ceff2b806ada04880b54f94288b1f02623c676d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:59:20 GMT
via: 1.1 google
last-modified: Mon, 22 Nov 2021 15:24:28 GMT
server: nginx
age: 237684
etag: W/"619bb62c-41f6"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2899

GET
H/1.1 200
OK xWy68oZpibnY Show response
cdn.onthe.io/io.js/ 69 KB
21 KB 327ms
156ms Script
text/javascript 95.217.4.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.4.138 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.4.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 041e46bf70fbeb6e8c4efa5dd519679e7c18cc0ea0cf2401a1dc6731574b7b4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 02:00:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:15:36 GMT
Server: nginx
ETag: W/"60e6fa78-11288"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 19 Aug 2022 02:00:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
56 KB 228ms
132ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae150613a020360264a78954fb52791895b256e97c5dae0dd8f4e8c4c9cc673d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57449
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f687aea5c1d558829312fdf7d1f1c4daff6d4b81eb50f0f6c54517d3261b403d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7181c87bff521fce029fb02d9aa4bf8a7e17e6305530db7dafde75e9fad6846b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ae725019222ebf6828d5be8379a9d545a94cac56698904aca22c1cee14522b6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228a3b791b4b5d31648dd5f362d6685586b53e1165920e9df80477a357aecc97

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7289fa539d682275fdf1a2ae4a5e0cea5621a59b83d4cfd2288f6c55b3585c55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e1a1a75e683c02f5c8cbc8335937144ae91bb5c6ca0ae41ea1d4d222f492d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe0735824c048f03d337374cefcdb74eab99e9f197c04888566184f7fb956808

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96fa106a4c8327abd834abf8d6823dda48c1f021d22235adf3a11df693620ad4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eaecaf0eb8a74bd2e9bbf29b474efd83f9c8c7112f65bcdf0b9db336fdf59ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f7407773f2f183fdd575c44139ac4140e09de764d8f968b9661f37060daf470

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523685b138c067197cc856ab8fa9475d6ffbe6f9a9a715f596216b215bdfc5f3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 590f997-400.jpg
img.pravda.com/images/doc/5/9/ 263 KB
263 KB 376ms
283ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/5/9/590f997-400.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3a2703ae8a0552c91e4fafc14202f6ba8c10f7a357ff87561c7f409643ae789b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 10:26:33 GMT
server: nginx
x-content-type-options: nosniff
age: 55795
date: Wed, 17 Aug 2022 10:30:49 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fcc259-41ccb"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269515
x-xss-protection: 1; mode=block

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 57 KB
15 KB 487ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Thu, 18 Aug 2022 14:00:44 GMT

GET
H2 200 0e9ddd1-21cf8db-------.png
img.pravda.com/images/doc/0/e/ 196 KB
197 KB 197ms
142ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/0/e/0e9ddd1-21cf8db-------.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e4ae474c81a682c2773a1e561d05bb8df7ecdeadb9adbdbaca50afc10ec4cd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 00:08:46 GMT
server: nginx
x-content-type-options: nosniff
age: 6688
date: Thu, 18 Aug 2022 00:09:16 GMT
content-type: image/png
cache-control: max-age=5184000,public
etag: "62fd830e-3115f"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201055
x-xss-protection: 1; mode=block

GET
H2 200 1829738-gettyimages-1415246218.png
img.pravda.com/images/doc/1/8/ 47 KB
47 KB 107ms
55ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/8/1829738-gettyimages-1415246218.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f1dabbbe6a916bd637cf5addfeea3ae2eb430101969d3ce0f0796acbef642afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Aug 2022 00:13:12 GMT
server: nginx
x-content-type-options: nosniff
age: 6389
date: Thu, 18 Aug 2022 00:14:15 GMT
content-type: image/png
cache-control: max-age=5184000,public
etag: "62fd8418-bcb8"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48312
x-xss-protection: 1; mode=block

GET
H2 200 20ee5e6-clipboard01.jpg
img.pravda.com/images/doc/2/0/ 12 KB
12 KB 166ms
113ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/2/0/20ee5e6-clipboard01.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f4b7e9af1ec41968144306faf871842d0a19ec7b137dcc9c7ab59542aa5e8aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 19:53:04 GMT
server: nginx
x-content-type-options: nosniff
age: 21986
date: Wed, 17 Aug 2022 19:54:18 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fd4720-2f8b"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12171
x-xss-protection: 1; mode=block

GET
H2 200 c85ed23-govoryly705.jpg
img.pravda.com/images/doc/c/8/ 148 KB
148 KB 227ms
174ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/c/8/c85ed23-govoryly705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

32b4efdc24fd2b693c9800348306129eb872d13e9544a231a0fa404951ec57c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 18:13:28 GMT
server: nginx
x-content-type-options: nosniff
age: 27606
date: Wed, 17 Aug 2022 18:20:38 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fd2fc8-24f97"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151447
x-xss-protection: 1; mode=block

GET
H2 200 c592302-monaco705.jpg
img.pravda.com/images/doc/c/5/ 294 KB
295 KB 291ms
290ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/c/5/c592302-monaco705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ad43801c1f03ca87b40de02a59f831b95d6ab6db3c57e309bcf705ee098a645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 17:45:41 GMT
server: nginx
x-content-type-options: nosniff
age: 79257
date: Wed, 17 Aug 2022 03:59:47 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fbd7c5-4991b"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301339
x-xss-protection: 1; mode=block

GET
H2 200 ccb6742-krym-vybuhi705.jpg
img.pravda.com/images/doc/c/c/ 154 KB
154 KB 296ms
294ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/c/c/ccb6742-krym-vybuhi705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f83c80775adf9bc5eacc59ae64ee19e14ce4b54109aaaac2447fe54b2bc9c543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 16:50:20 GMT
server: nginx
x-content-type-options: nosniff
age: 118709
date: Tue, 16 Aug 2022 17:02:15 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fbcacc-26784"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157572
x-xss-protection: 1; mode=block

GET
H2 200 bec72ee-a705.jpg
img.pravda.com/images/doc/b/e/ 157 KB
157 KB 300ms
299ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/b/e/bec72ee-a705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b720b2bc8bf8edfedbf9a3501db8c53c375bbdef896a9bad7e047946fc57ef86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 12:38:22 GMT
server: nginx
x-content-type-options: nosniff
age: 132582
date: Tue, 16 Aug 2022 13:11:02 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fb8fbe-27474"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160884
x-xss-protection: 1; mode=block

GET
H3 200 ico_video.svg
www.pravda.com.ua/images/v6/ 731 B
423 B 55ms
54ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_video.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

595dd2499b4804d96cb8ea66281f80040e94c54f8c7c7e1a98c5a3732f1310c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:54:29 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 08:31:04 GMT
server: nginx
age: 75975
etag: "5eb275c8-191"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=590560
content-encoding: br
vary: Accept-Encoding
content-length: 401

GET
H2 200 1ca50cf-400.jpg
img.pravda.com/images/doc/1/c/ 53 KB
53 KB 304ms
303ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/c/1ca50cf-400.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8756da26ae9a97d9b844190e4ddcf2bf4a17e498a254be84773f160c9c051bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 13:43:56 GMT
server: nginx
x-content-type-options: nosniff
age: 130502
date: Tue, 16 Aug 2022 13:45:42 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fb9f1c-d27c"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53884
x-xss-protection: 1; mode=block

GET
H2 200 a1588ff-7protez.jpg
img.pravda.com/images/doc/a/1/ 95 KB
96 KB 308ms
307ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/a/1/a1588ff-7protez.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b8d24f54416baa39218b9f217d3efc874ba7e4cb597cb25349a3f80d66afddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 11:27:29 GMT
server: nginx
x-content-type-options: nosniff
age: 52197
date: Wed, 17 Aug 2022 11:30:47 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fcd0a1-17d9f"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97695
x-xss-protection: 1; mode=block

GET
H2 200 c2a921c-dollar.png
img.pravda.com/images/doc/c/2/ 155 KB
156 KB 311ms
310ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/c/2/c2a921c-dollar.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a46d4b38174e5f94da05cb42fc32fc2bae3d422f632a2c9f013e2048c285a76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 08:28:50 GMT
server: nginx
x-content-type-options: nosniff
age: 62964
date: Wed, 17 Aug 2022 08:31:20 GMT
content-type: image/png
cache-control: max-age=5184000,public
etag: "62fca6c2-26d62"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 159074
x-xss-protection: 1; mode=block

GET
H2 200 a2936a5-7azs.jpg
img.pravda.com/images/doc/a/2/ 90 KB
90 KB 315ms
314ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/a/2/a2936a5-7azs.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7e4bb8cd155e5a2e5acf283cdd0fab9ce1a8c6a86d66bab7d328954d41ea2042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 15:39:14 GMT
server: nginx
x-content-type-options: nosniff
age: 37146
date: Wed, 17 Aug 2022 15:41:38 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fd0ba2-1662f"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91695
x-xss-protection: 1; mode=block

GET
H2 200 1c857f8-d690f8d-705.jpg
img.pravda.com/images/doc/1/c/ 65 KB
65 KB 318ms
317ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/c/1c857f8-d690f8d-705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7fb20d4df2ecd0a04433dba27cdadae5c401b946bde339cd1b31f884b90a3b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 11:33:48 GMT
server: nginx
x-content-type-options: nosniff
age: 51847
date: Wed, 17 Aug 2022 11:36:37 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fcd21c-102e9"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66281
x-xss-protection: 1; mode=block

GET
H2 200 1beea92-7misto.jpg
img.pravda.com/images/doc/1/b/ 154 KB
154 KB 321ms
320ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/b/1beea92-7misto.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a9f36f1777542c33ef8454386ee72157dc1fe762e06cd7f2980f9742ca3b7be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 11:57:15 GMT
server: nginx
x-content-type-options: nosniff
age: 136785
date: Tue, 16 Aug 2022 12:00:59 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fb861b-26655"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157269
x-xss-protection: 1; mode=block

GET
H2 200 f1a1516--barchuk-miroslava_160x160.jpg
img.pravda.com/images/doc/f/1/ 23 KB
23 KB 324ms
323ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/f/1/f1a1516--barchuk-miroslava_160x160.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f4f81d7ec04815b2abf10bdffa0a8e867f48835b1a350b87698e8a01a1f44a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 09:40:03 GMT
server: nginx
x-content-type-options: nosniff
age: 144886
date: Tue, 16 Aug 2022 09:45:58 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fb65f3-5aeb"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23275
x-xss-protection: 1; mode=block

GET
H2 200 8a09c81-7dollar.jpg
img.pravda.com/images/doc/8/a/ 210 KB
210 KB 326ms
325ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/8/a/8a09c81-7dollar.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

14891d20dbebc0e3872e67b1acef286a30fbf12c98f1005011d4aeb682885d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Aug 2022 07:30:17 GMT
server: nginx
x-content-type-options: nosniff
age: 152706
date: Tue, 16 Aug 2022 07:35:38 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fb4789-34801"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215041
x-xss-protection: 1; mode=block

GET
H2 200 84a28f7-colaboranty705.jpg
img.pravda.com/images/doc/8/4/ 226 KB
226 KB 329ms
328ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/8/4/84a28f7-colaboranty705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ee7e6081e9c48b02da03c5dd4a34c85f933932e318212dd344251c37d87e0c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Aug 2022 20:33:08 GMT
server: nginx
x-content-type-options: nosniff
age: 167244
date: Tue, 16 Aug 2022 03:33:20 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62faad84-38697"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231063
x-xss-protection: 1; mode=block

GET
H2 200 231599b-7valuta.jpg
img.pravda.com/images/doc/2/3/ 62 KB
62 KB 332ms
331ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/2/3/231599b-7valuta.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e16fc16156681b8b79356764b0a4f7231c0f030987d817a32368c010d0064581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Aug 2022 14:41:39 GMT
server: nginx
x-content-type-options: nosniff
age: 213287
date: Mon, 15 Aug 2022 14:45:57 GMT
content-type: image/jpeg
cache-control: max-age=5184000,public
etag: "62fa5b23-f89a"
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63642
x-xss-protection: 1; mode=block

POST
H2 200 z Show response
s.zmctrack.net/ Frame DD6D 60 KB
25 KB 347ms
168ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 255628716b2eea728756ce28e17a1d8716dbecec84a2dc8f9a6664c41f5fcd92

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 25096
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3524
date: Thu, 18 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 18 Aug 2022 03:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 171ms
62ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95dabed6e4b69e93be9bdc32249f7ac74b10acf7fde2cc476e742fb3bb28d86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41872
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 182ms
53ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Aug 2023 10:51:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 298 B
788 B 189ms
61ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pravda.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 108 KB
42 KB 135ms
72ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-M5KSFRL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e440285a577220b5c9ef4e84340f6280108ca28ac6b77f8739f798a5f650bf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42427
x-xss-protection: 0
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 125ms
69ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bfda264db168d213e64665c04ad52bfd69e589c9cdb1b6bbde5d32c4a9c65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72280
x-xss-protection: 0
expires: Thu, 18 Aug 2022 02:00:44 GMT

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
647 B 148ms
48ms Fetch
text/plain 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
cdn-edgestorageid: 883
cdn-fileserver: 309
cdn-storageserver: DE-168
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cdn-cachedat: 08/04/2022 15:24:07
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-ym-country: DE
content-length: 3
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "622b54c3-3"
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 5f7f30f6b286374bc2dc1f7531bf6e41
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 159 KB
41 KB 210ms
61ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Aug 2022 01:56:16 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 16:12:01 GMT
server: AmazonS3
age: 269
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: 7CdHOssrimVBzAn9aNIBivtfkn3D4m8F21o3NDqg9pG6iw5yMJF7nQ==

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 214 KB
69 KB 49ms
49ms Script
application/javascript 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: 65436f019d99777aab2956969d7bc4033b4d0a092d9e50210079fb59e8d52c46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 224
cdn-storageserver: DE-165
cdn-cachedat: 08/16/2022 18:14:26
cdn-pullzone: 139012
server: BunnyCDN-AMS-883
last-modified: Tue, 16 Aug 2022 18:14:20 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62fbde7c-357c9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 0fc1f90ecc4ba381354f6736798b2123
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 178 B
870 B 144ms
49ms XHR
text/plain 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: a9c4690acdee8689796dc9ff361885b351e01d63a2651056985f5f6380052f95

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 324
cdn-storageserver: DE-200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/17/2022 08:34:21
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Wed, 17 Aug 2022 08:30:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62fca720-b2"
vary: Accept-Encoding
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 09bcdfe048ceda5f8decb6b9da191c27
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
490 B 436ms
148ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0MjM1MTEmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1mMmE2MDE3MS01YWQzLTQwMjYtYjQ1OS05YTE3Yjc5NjkzOWY%3D&bWlkPTE0MjM1MTImcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1hZjEwZmQ3Yi1iNzNmLTQzYWEtYThiMS0zZmVkYThmOTQxNjE%3D&pt=gross&stid=284681ba-61ff-4c03-8559-17fbec946b2b&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.pravda.com.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 39 KB
14 KB 353ms
239ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e6da904b5cecb6388a0f4b9b91e30ee80d30ba5aadbc2cde5d6e8487b797172a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Aug 2022 02:00:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c8fa1a38-c610-4b3d-9c58-fbf1a95798b6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 273ms
98ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2390906&size_id=15&rf=https%3A%2F%2Fwww.pravda.com.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=f2a60171-5ad3-4026-b459-9a17b796939f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9524313062534646
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e2e2e7df150b15c090f0ed47cfc3fba72b1a35e4a3404f87cd1de3a8336a86c0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.pravda.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 283ms
109ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2388902&size_id=10&rf=https%3A%2F%2Fwww.pravda.com.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=af10fd7b-b73f-43aa-a8b1-3feda8f94161&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05754885668147014
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 82a89a51ce8cc330d176ac79be5def72ce0553d7eaccad840d05372abdd2ed20

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.pravda.com.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 352ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a96913f0180803c5bc247bc38ba0180&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d5994fd4c600a990b29cf1c09bcef124a479ab00025ecb1f1e577f2c7ecfc3ba

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
295 B 351ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a96913f0180803c5bc247be02500181&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b431f699b94d71e321c40c1a7ce7ea71b08a913ce8d393a707e158e188fd440c

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
643 B 268ms
169ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=831915&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213493e73f5bdb3a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pravda.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214343ef35ba833d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22152d48a8a0902d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc73aa2e43e513212fa2e9168705eff0bdef00cdd474037906710dd3ab77b68c

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiCrEwMo9WkTLbYhEy04lvZF575mBcly7Vq%2B%2B43R0G7vnUgbXMRfVIKQfJpcRlc66AJxSBr%2FA3q%2BVlUFIkvlX1UoEgap16IaOXVtOUyo%2Fkbf2AXXxy3Ni4C0hliOmsJ9sKZvyfP3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73c70ebdf90b7720-LHR
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 340ms
62ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=11655519937

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 388 B
432 B 613ms
333ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8578,8579&sizes=300x250,300x600&referer=https%3A%2F%2Fwww.pravda.com.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 63b3a57dbff00412d3f43c711bd17958282579de059baf4045b1092eb4aa7e40

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pravda.com.ua
date: Thu, 18 Aug 2022 02:00:44 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 244ms
88ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2219aae5d9-7b49-4ac6-86ef-0bfae6884f28%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBR_1%22,%22transactionId%22:%22f2a60171-5ad3-4026-b459-9a17b796939f%22,%22sizes%22:[[300,250]],%22bidId%22:%2223c0a878700f2d3%22,%22bidderRequestId%22:%2222f2dc20fe0627f%22,%22auctionId%22:%22284681ba-61ff-4c03-8559-17fbec946b2b%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22168345ce-a342-4b76-b9b3-030057b6d907%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600]]}},%22adUnitCode%22:%22UPR_SBR_2%22,%22transactionId%22:%22af10fd7b-b73f-43aa-a8b1-3feda8f94161%22,%22sizes%22:[[300,600]],%22bidId%22:%2224441aeaecdd56d%22,%22bidderRequestId%22:%2222f2dc20fe0627f%22,%22auctionId%22:%22284681ba-61ff-4c03-8559-17fbec946b2b%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.pravda.com.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 228ms
100ms XHR
application/json 3.121.203.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.pravda.com.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.203.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-203-249.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
288 B 322ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Aug 2022 02:00:43 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 213ms
58ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBR_1%22,%22transactionId%22:%22f2a60171-5ad3-4026-b459-9a17b796939f%22,%22sizes%22:[[300,250]],%22bidId%22:%223222111b44aee1c%22,%22bidderRequestId%22:%2231c9b10a87e245b%22,%22auctionId%22:%22284681ba-61ff-4c03-8559-17fbec946b2b%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600]]}},%22adUnitCode%22:%22UPR_SBR_2%22,%22transactionId%22:%22af10fd7b-b73f-43aa-a8b1-3feda8f94161%22,%22sizes%22:[[300,600]],%22bidId%22:%223331c653b4cc6f5%22,%22bidderRequestId%22:%2231c9b10a87e245b%22,%22auctionId%22:%22284681ba-61ff-4c03-8559-17fbec946b2b%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.pravda.com.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 189ms
61ms XHR
text/javascript 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:uniques_instantly[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:1b4c41bb6.1655ebac6_1660788044375,session_id:b877516ad.5d26e5e60_1660788044376,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&1660788044382
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 188ms
61ms Script
text/html 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=18&holding=859faaebd514d65ed0a19a5eea288384&hash_user=1b4c41bb6.1655ebac6_1660788044375&1660788044384
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 184ms
60ms XHR
text/javascript 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:visits_instantly[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:1b4c41bb6.1655ebac6_1660788044375,session_id:b877516ad.5d26e5e60_1660788044376,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&__io=1b4c41bb6.1655ebac6_1660788044375&1660788044387
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 182ms
61ms XHR
text/javascript 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:pageviews[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:1b4c41bb6.1655ebac6_1660788044375,session_id:b877516ad.5d26e5e60_1660788044376,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&1660788044390
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ht.json Show response
tt.onthe.io/xWy68oZpibnY/ 2 B
378 B 177ms
58ms XHR
application/json 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/xWy68oZpibnY/ht.json
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Last-Modified: Sat, 12 Mar 2022 20:37:31 GMT
Server: nginx
ETag: "622d048b-2"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 /
loadercdn.net/ 0
169 B 277ms
88ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=1d58cc9afd89f345&d=www.pravda.com.ua
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Aug 2022 02:00:44 GMT
server: openresty

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
62ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1555374914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAAC~&jid=1930897357&gjid=881048886&cid=820788045.1660788044&tid=UA-554376-1&_gid=1306292869.1660788044&_r=1&gtm=2ou8h0&z=2067307133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 142ms
61ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1555374914&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1st_screen&ea=Right_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=1772857411&gjid=742003298&cid=820788045.1660788044&tid=UA-554376-1&_gid=1306292869.1660788044&_r=1&gtm=2wg8h0WW7B57&z=379562692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 125ms
54ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1555374914&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1st_screen&ea=Left_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=&gjid=&cid=820788045.1660788044&tid=UA-554376-1&_gid=1306292869.1660788044&gtm=2wg8h0WW7B57&z=1669509662

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 18:16:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27878
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 125ms
55ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1555374914&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Latest_news_banner&ea=Left_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=&gjid=&cid=820788045.1660788044&tid=UA-554376-1&_gid=1306292869.1660788044&gtm=2wg8h0WW7B57&z=2045960404

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 18:16:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27878
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 121ms
61ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1555374914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABQAAAAC~&jid=733408238&gjid=911694130&cid=820788045.1660788044&tid=UA-554376-23&_gid=1306292869.1660788044&_r=1&gtm=2ou8h0&z=1928216163

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 177ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MRSXWZPM31&gtm=2oe8h0&_p=1555374914&cid=820788045.1660788044&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660788044&sct=1&seg=0&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 282 B
395 B 77ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.pravda.com.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 135cf9c11f85dba3a5ec7d485df4462ec3b7df294012443bf8dd1ad799a77078

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 282
expires: Sat, 17 Sep 2022 02:00:44 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame F6A9 5 KB
3 KB 230ms
74ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 6c02be863954b84d5fe9e7d21fe0fabd0bf153d05eabcbb50c30fe981fafb416

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:44 GMT
etag: PRIVATE7520710249
expires: Sat, 17 Sep 2022 02:00:44 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 54ms
54ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pravda.com.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 20:43:26 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: Server
age: 19037
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.pravda.com.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: tQgAuMEuLcf4YrRM0vBYn5lwwsfijSx2qAr2trw63tn13ffgwLCnjA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 162 B
635 B 88ms
88ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pravda.com.ua%2F&pid=IGDMadl3pqYq5&cb=0&ws=1600x1200&v=22.8.42053&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_310370463%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6942251%2FUPR_SBR_300_1%22%7D%2C%7B%22sd%22%3A%22notsy_container_310991245%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F6942251%2FUPR_SBR_300_2%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

f3a22ad2b35d79604cdabf5e4aa079aa55a39c7d7d89eb0830fe8e1deb6207bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 8BQ27BR3BJXXZTZQZNEB
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 162
x-amz-cf-id: aJC3-j8zHdUsnP1DntYYCE0NjCykfYixnmCpplVupVwBkzsxiRP65g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 161ms
53ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 41629
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Wed, 17 Aug 2022 14:26:56 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: o_7EJUQe_4hi6Vwa6lNibuwWn8b78Z1ZyjT6jVbJTfInOeaZmmYPVw==

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 60ms
60ms XHR
text/javascript 188.40.115.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42125:uniques_holding&s=006a533fc3b6c64fb330760b5e14661c&__io=1b4c41bb6.1655ebac6_1660788044375&1660788044648
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:44 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1772857411&gjid=742003298&_gid=1306292869.1660788044&_u=aEDAAUABQAAAAC~&z=649268003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Aug 2022 02:00:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 164ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1930897357&gjid=881048886&_gid=1306292869.1660788044&_u=YEBAAUAAQAAAAC~&z=159965596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Aug 2022 02:00:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame BF2E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

65 B
686 B

56ms
56ms

Document
text/html

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 18 Aug 2022 02:00:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8XQ63R57SDWXRE8NZHFJ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 18 Aug 2022 02:00:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2MX4KRM2CB8PG4QE0G2A

POST
H2 200 z Show response
s.zmctrack.net/ Frame 42CA 102 B
453 B 89ms
89ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 5d908df2ed371e7a111a94c1f3eeabaf2710bce42c09c752a4c7adeca89bf546

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Aug 2022 02:00:44 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 184ms
65ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1772857411&_u=aEDAAUABQAAAAC~&z=1351420083

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 184ms
65ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1772857411&_u=aEDAAUABQAAAAC~&z=1351420083

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 182ms
64ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1930897357&_u=YEBAAUAAQAAAAC~&z=1875755941

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 184ms
66ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-554376-1&cid=820788045.1660788044&jid=1930897357&_u=YEBAAUAAQAAAAC~&z=1875755941

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1660788044875/
Redirect Chain

https://gaua.hit.gemius.pl/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://gaua.hit.gemius.pl/__/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

169 B
423 B

196ms
196ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9vCMp3ghVbTxvSwXC37fzp9c06g3PKgIxJlNJo9mtqD.h7BmPEOfdo5OHFjZJQKRxPVB1wF7dHiUDguAo8zWFWnzw9Xz/fPgnvhQ.GQeAt/&ltime=293&fpdata=TQHXRFATXE3PCBZ4rm5zbMZBqKZJZRhaM.88uFu2Wbz.M7&fpcap=
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 5136bc30e0a8e2741a8206510f7fe359f6aeb3b2f5c2b24e499420fc15263412

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 17 Aug 2022 02:00:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:44 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1660788044875/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=9vCMp3ghVbTxvSwXC37fzp9c06g3PKgIxJlNJo9mtqD.h7BmPEOfdo5OHFjZJQKRxPVB1wF7dHiUDguAo8zWFWnzw9Xz/fPgnvhQ.GQeAt/&ltime=293&fpdata=TQHXRFATXE3PCBZ4rm5zbMZBqKZJZRhaM.88uFu2Wbz.M7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 17 Aug 2022 02:00:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 205ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 178ms
62ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 167 KB
49 KB 383ms
274ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3483384810758409&correlator=2432759524852156&eid=31068500%2C21065724%2C31067826%2C31064018&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=6942251%2CUPR_SBR_300_1%2CUPR_SBR_300_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x600&fluid=height%2Cheight&ifi=1&adks=1154741527%2C1606149041&sfv=1-0-38&fsbs=1%2C1&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.60%26hb_adid_appnexus%3D3406a2cf271d035%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.60%26hb_adid%3D3406a2cf271d035%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.60%26hb_adid_appnexus%3D35c78d5f471708c%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.60%26hb_adid%3D35c78d5f471708c%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=lang%3Dua%26page_id%3Dhome_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1660788044998&lmt=1660788044&dlt=1660788043780&idt=839&adxs=1136%2C1136&adys=1237%2C1527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.pravda.com.ua%2F&frm=20&vis=1&psz=300x250%7C300x600&msz=300x0%7C300x0&fws=0%2C0&ohw=0%2C0&ga_vid=820788045.1660788044&ga_sid=1660788045&ga_hid=1555374914&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

304d40297abe04df37bdc9f7a76c05cf15f0124db2115e59251a2da3ff7ca631

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPum68ulz_kCFTHcEQgddc0IEQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1885163679607419163/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPum68ulz_kCFTHcEQgddc0IEQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1885163679607419163/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -1,138401167639
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50304
x-xss-protection: 0
google-lineitem-id: -1,5959395292
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Thu, 18 Aug 2022 02:00:45 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56AE 6 KB
4 KB 240ms
61ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:45 GMT
expires: Fri, 18 Aug 2023 02:00:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 183ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

541b9c442f365bea518281a0fb89808c5d12912c5aeb3265b38e1bdd05714354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11045
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 335ms
62ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Aug 2022 02:00:45 GMT

GET
H3 200 container.html Show response
3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 771B 6 KB
3 KB 171ms
61ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:45 GMT
expires: Fri, 18 Aug 2023 02:00:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7AD 0
0 90ms
90ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA_-ekl9xNBwZ450MtrdTS0HnH4gIXGo5kgZKkOasswpHqLyebbg1BSSILn3pe3wbGrQd9yTvj7R3lQ0QsuYWY6kmo8v1JOATyAqr9dYR3o7Dods-jtWKdE9qAmhqOQtO3a8rlfNWytXeTf8waXnYwU7AZZfOYE9brqYcc2UAwTXWycNek29fJdZDR2QGQs9f-f-V8mlr30AVXvx_KElR7_PI4pav6KvfhOmAzRBMXd8G8xkny0ROEB_kiyg54bKhVEGVwgPTYXV_t7UIHuvwg2cyjOHiGkZJWDaNkTikTnHzYkoyFcf6YqJjg-CTma67d&sai=AMfl-YRe9qUQKqKoE-Ct14jNHs5SVr2QfXfa0PB6Z6XuFDWWBDnTMnh2gwItjFN4EyXeGYje_dx1XrbQ6CQDhRDP3a82O1fU_Cx_53BMp8JaXBObUc1bPZDFEXlB90aHfwLYSw&sig=Cg0ArKJSzJZnrEMfMTq0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 18 Aug 2022 02:00:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/ Frame F7AD 23 KB
10 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 01:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 01:32:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame F7AD 3 KB
1 KB 178ms
62ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 01:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 01:22:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7AD 140 KB
43 KB 186ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 02:00:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7AD 0
0 174ms
62ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVvdOdvMkuNyQ0P_CkLjQIHR1Ov74YlYO2s3Z74N7LMpHq40K_jO_B2GN_BuFWeriXTP5OJmJlbry6VhEB7g316hBR4g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 11998601228678349554
tpc.googlesyndication.com/simgad/ Frame F7AD 95 KB
95 KB 180ms
64ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11998601228678349554

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d25901d353011fe85625c2f4cc915986e1508184eb67ae69643cca0d66028c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:27:58 GMT
x-content-type-options: nosniff
age: 145967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97288
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 09:10:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Aug 2023 09:27:58 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 299ms
185ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 02:00:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/ Frame 3783 19 KB
3 KB 169ms
58ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c67049709738f0329f0c2215a5b86149ce72a110b8abfdc3fb612808c645fa3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 221670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3403
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 12:26:15 GMT
expires: Tue, 15 Aug 2023 12:26:15 GMT
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 771B 0
0 97ms
97ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZpm2TZ39YrvMCrG4x_AP9ZqjiAGWtIKRa4uU8PmJEPH-ifG8MBABIPvgsSpglQKgAePRhdsCyAEJqQINpguezRSxPuACAKgDAcgDSKoErQJP0GJO5SIYcQyECnxlUdzkniedamkArwP-mFHtRCc6YuVZjCgY0G9W-VnbQfM2ePH6tATDnK4219ObpY_tIhxgPEMTAiRYyXTlVkn9tXZpDNe7vWQR5LQ9wVq-cqRb1s8anIPdXZQOU-j8ap6lwSCflTmlap2mBpFv0ujNZ4el55mlcgR9A_eypNc2hJVsFpUbNXXyG1v3iXD4H5YzrUlqp3eYxDeYvGwPZVr1PwPyvZFao4rtMAZNK2rTgtuQetwnEMjwj4se70rVqkwWMRRgrJWG1IVOs5_V1uiGhGhl6al5uvIIF8LHfTaMYAFbijUpedVUhfE5m4m-p1d9xZeCuIbjkDsTgaxq8fZ3HFEM_fVV9Pt4LTyxkUmlzFbAi7Wy6f8eAgziKkLmrjKSwATD55PQrwPgBAGgBi6AB4Wu-qQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiJUG0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTE0MzgyMzMzMzIwMzA0MzAYk9MR&sigh=AfExdFET6fY&uach_m=[UACH]&template_id=419
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/ Frame 771B 23 KB
9 KB 162ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/abg_lite_fy2021.js

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 01:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 01:52:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7AD 0
0 199ms
90ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4WUaj6lFZUtLkH7TtYXzOsSmbq1w_s4LY4uUvbp6CzQ9eUW6Y_1zh-H_dG4xCaCKQ6qFd01u3sQAmbolAuhFMxoQaLvmP0hYkN7jfiG7cyRVKFYfOtqE1ScCB62XRaa_HwRR_FeOmRfO97U6aOVM71J9px3inXFeFSWSv3Ka_JyVdu9FGzrPzK-Sni_Fq2hJOaw4mDjt841zN0ck2cH2Wn7_3fQ5Mix6NmEThHiUS1oE8nZgf86LC6DXMYteR1CJ8z8hzOanoEeUowSjoRG96zE6-k-eQ3P9beqym79VA-K_7c2WR621oDCetvFJbMMfmAPY&sai=AMfl-YQ-LQ1jQKyskJd_h5FXX1Q-tpYuJ0Sul85-keiiGm6mWkC6tpXCZT8IBjGJXbCM7gQb1pTWP69IS6M1KYab2la3EFiIbVF9GNOAqOpx7Y6f9ajSdmi16yosY0Jw3gbD3A&sig=Cg0ArKJSzP0CpGeAxLRzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Aug 2022 02:00:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 18 Aug 2022 02:00:45 GMT

GET
DATA 200
OK truncated
/ Frame F7AD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c243545269963658953178987b1396c27c16b503520a38e9db08fdde467d3227

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB88 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 00:53:59 GMT
expires: Fri, 18 Aug 2023 00:53:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 150B 783 B
534 B 63ms
63ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbb6dd77bcd3df1932bffee1f7fd511e6660bf32b13cb2d468c3837368c7b2c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AoXTd4ezTpeOMNoNqu54cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-AoXTd4ezTpeOMNoNqu54cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:45 GMT
expires: Thu, 18 Aug 2022 02:00:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7B8A 15 KB
6 KB 398ms
62ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:45 GMT
server-processing-duration-in-ticks: 2255
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 188ms
65ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Aug 2022 02:00:45 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3783 9 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3783 26 KB
10 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 16:14:17 GMT

GET
H3 200 img-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 5 KB
5 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b01aa7824e0bf3826ab401b26a3a5e868f815b04cfe48b193c6fda7cc03f31f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4991
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 tf-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 3 KB
3 KB 62ms
59ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/tf-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5091398c530fd22757a6eb83f8ea3e84afe33e417903959edc8b9c51c2ffbe9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3332
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 84ms
80ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/tf-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e7dc84f014f3cf143f1f28e6458e185bf47fd5b369a94bcc00591a8d4d7963b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 522042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2335
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Fri, 12 Aug 2022 01:00:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 01:00:03 GMT

GET
H3 200 tf-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 3 KB
3 KB 81ms
77ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/tf-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e3691bd78dd2699d106d6ed52f73234131a1fe7867ef66e2fee921d9bf5d34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2650
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 tf-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 74ms
70ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/tf-3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc56fba3f992bec0569b77f8e101e685a31131cc97512e27eabc0bd0845fa14f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 197332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2142
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 19:11:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 19:11:53 GMT

GET
H3 200 tf-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 78ms
75ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/tf-4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcb9a5d5221c906abdaa6cdb3e6ed63d1d04fa9e7d6800bb9003abb1ea7cb53a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2440
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 1 KB
1 KB 72ms
69ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ab93eb52b8aeb24f4b57fdea5f30071e9be463aa76c0f6647ae6fe1ca27bb7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 69ms
66ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-stoerer.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9022649d2ca027a9992082a53db89055bbd4284bb3b5b8599f4b2195b607b3e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1789
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 99 B
128 B 73ms
69ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 66ms
62ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38598c57a6a00f59c46600b82ba1b84da43ab190481e215fb085ca8a9fa3fee5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 184908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2247
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 22:38:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 22:38:57 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3783 113 KB
40 KB 207ms
62ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Aug 2022 02:00:46 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
1 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 221688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:57 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:57 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFE4 143 B
426 B 170ms
53ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 01:39:13 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame 771B 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 01:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 01:48:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 771B 140 KB
43 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 02:00:45 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame AB88 36 KB
14 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:08:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 150B 0
0 190ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=3483384810758409&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 img-dude-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 63ms
60ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-dude-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e356b78afe67ec337baaa386cb060f0ef5aca5d2c868fd8d2332c87bd7bc226

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2224
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:26:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:26:02 GMT

GET
H3 200 img-dude.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 13 KB
13 KB 127ms
124ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-dude.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d64e77adf2a1383286f54d8132c96a33501f646345b32d3b1187051881a7cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 280400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13158
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Sun, 14 Aug 2022 20:07:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Aug 2023 20:07:25 GMT

GET
H3 200 img-phone-0-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 2 KB
2 KB 167ms
164ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-0-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

156354d08804ab3c0e68fc65c392107c20c9b5dbab765ca4df275a6cd746bd65

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 35605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1689
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Wed, 17 Aug 2022 16:07:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 16:07:20 GMT

GET
H3 200 img-phone-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 19 KB
19 KB 151ms
148ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071087b246c2cbc216d74d0e1d5c0d14d6a137e7b873fc3318bcab078b14ee91

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18979
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-1-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 1 KB
1 KB 168ms
165ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-1-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56924d6938efccd8bf71b17c4f5a285797bc300ef0b38e38e0561e3c647676b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1366
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 12 KB
12 KB 106ms
103ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a0d2908923020b34ad2806e554d810b0925f377414a3ffdb0aab354aa17a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12511
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-2-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 1 KB
1 KB 165ms
163ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-2-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890f93d27b849a4833006695f8b3d4f3409930e3854d0f0b815730d84244ca4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 208974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1491
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 15:57:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 15:57:51 GMT

GET
H3 200 img-phone-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 22 KB
22 KB 84ms
81ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba14593e77bc12f5ae1b01d610adb0411c68ab696c9eaa5f68b1d860fa0d16e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22138
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-4-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 456 B
493 B 165ms
162ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-4-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6bdc481ff1e7fc106f2ef108fc061cf0a85e63859937a76366d198aebd20a1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 456
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 3 KB
3 KB 166ms
163ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-4.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e8806c944d37eee912157411e49fa929b014c527891e7b23d81cf287ddc4513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 184895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3358
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 22:39:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 22:39:10 GMT

GET
H3 200 img-phone-5-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 512 B
547 B 104ms
102ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-5-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2877237167ba93c334b14f745b54a850690c08fd87e8f605ec54d92b1873a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 512
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 4 KB
4 KB 162ms
160ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-5.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb7ecbf9bd1f7b3dd9f5ca431d2f6e2299e9282b78a90a8b0e0afb6eb4a5cd5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 img-phone-6-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 577 B
614 B 164ms
161ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-6-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63db7ece9abe0eb8600a79b68d1226a43ed38c0893f9e4d4ff3ed3b0d5bfba47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:54 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:54 GMT

GET
H3 200 img-phone-6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/ Frame 3783 10 KB
10 KB 140ms
138ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/assets/img-phone-6.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1885163679607419163/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33722d034ebb8fe75e8aa919f58938089c5dea99c37a2ddc71399b50f3d0fbcc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9928
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:20 GMT
server: sffe
date: Mon, 15 Aug 2022 12:25:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Aug 2023 12:25:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame 771B 17 KB
7 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 01:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 01:09:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFE4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

174ms
65ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:46 GMT
expires: Thu, 18 Aug 2022 02:00:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 02:00:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 771B 0
0 61ms
61ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9o04Fen1lo2nK0B8sWFPto2MvFt4W6c9nT1-6iMrl_6vI7UTzg5QbNMSXy08RODl6xc798O5QlFXIugPy4FNoYU8a2Q
Requested by: Host: 3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
URL: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 771B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f3bb0dfa05c210c131e1a42a4ceb185ac6ab85ddecfccdd61ac824f51e86ed5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AB88 0
12 B 53ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DWO5EA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3783 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 15:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 15:08:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7B8A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=bF-LcHw5ckVUU3d3eGJnSWViSm5NZnZnRXJXQVJrNVBTSEgva2hlRzZYRENDOUhhdnpqa1piMHZHZ1lOVDBpckJhVDlwT0pSWE12UmtvUGQ4UVAvdkZwMjB3TjArUmt3cjZvcjdXZlMxc0JOZW5EU0k4VFR5Z3Vsb0JnWF...

417 B
629 B

181ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bF-LcHw5ckVUU3d3eGJnSWViSm5NZnZnRXJXQVJrNVBTSEgva2hlRzZYRENDOUhhdnpqa1piMHZHZ1lOVDBpckJhVDlwT0pSWE12UmtvUGQ4UVAvdkZwMjB3TjArUmt3cjZvcjdXZlMxc0JOZW5EU0k4VFR5Z3Vsb0JnWFlDL0xZMGxVWUNya1Q3ZzNyNmV1Y2R1NEZ3MmFtZXhZUTc4ME0vRXNKSjNaQmJpeWlETE9XL25ueWJzamdJMGZDNUNuajZDWWpCNHRSNnFvdExxT3pYUDFsaHhERTFkK2wzaGNEcGdFUTlmOWF2SUppUFpnc2c5aHEvYjJyb0MxbFdqV0JHejdBNkw5NlVFU2hacmlzWHIvM0szR0doZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e12c89302429b5985fc7abf62c5ff4a2fcb3ee23e44f1ae6cdf404532e2fc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3599
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:45 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=bF-LcHw5ckVUU3d3eGJnSWViSm5NZnZnRXJXQVJrNVBTSEgva2hlRzZYRENDOUhhdnpqa1piMHZHZ1lOVDBpckJhVDlwT0pSWE12UmtvUGQ4UVAvdkZwMjB3TjArUmt3cjZvcjdXZlMxc0JOZW5EU0k4VFR5Z3Vsb0JnWFlDL0xZMGxVWUNya1Q3ZzNyNmV1Y2R1NEZ3MmFtZXhZUTc4ME0vRXNKSjNaQmJpeWlETE9XL25ueWJzamdJMGZDNUNuajZDWWpCNHRSNnFvdExxT3pYUDFsaHhERTFkK2wzaGNEcGdFUTlmOWF2SUppUFpnc2c5aHEvYjJyb0MxbFdqV0JHejdBNkw5NlVFU2hacmlzWHIvM0szR0doZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1525
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=3483384810758409&bg=!SEulSw_NAAYUOm8VNDo7ACkAdvg8Wg_E6JmaP_aeJrn4Vit53z5MIOPFMl-VSx7Ry6l2VG5W2ksIzQIAAABRUgAAAAJoAQeZAqQD2AZRR5uJuLE7g_Uou6cnQjVYKvkFUmJsYAV7LyqcfZbzyfzbc4clFzkft3XbtFwBx5qd9QZ-2VgbnwLt-ds6cMWzTRPFz03x-2ILnb9TJAuYRnb68CfXSHTE94_Em-___wVOcb5DEUfrg0d_1F7eBsKFY97jv3pkr7oepv3pKxGcQ89g1TbImhLXwY0e237FZdIxgX_-jJCTsOKzfLJ9QsGpm2n4yYbuI8ljh7I6qCCxfPUitqWLal7ABGiCMnmiQDaRZaHXs6qmAI7wdZNGTIcUJ49M6aJWs1HqGaeHSO4Nj3Q8O4joPUU9UZmW_ayQYwM97dzR4Z2_BSJVXiB70YbQxyva4JqBN_ZxYxM2UwPTCZijwpUQF-RWtZIyyKstiDti5x4SoIBjp1gycTNW5k_uIQzrUTWzNTpeUBYNGXg4KEhwBsJLJ3l32mLFbL4uSECqFbVCvAmSOHOBT6uGiuBFjOlx-0_wW9YFffuGnfOIS8eyi9In6i4BRwho7JNuAp1BXgkiCl4ZbYiov5RT-CCXQdKOmwaghBXMgeswT1oUnxA4JmjiFQwY6UjjvqGF7HSuTHQUJ_5IxkP6Vv44td4hY3Tafh-4RqwkmF4MzCq-6yX-DGw_jwZzHFNQNm93flFUrq2XFYK02M_75gGor8ySvVizRhP1hZ0kHRjSbHRg3pFqO563epB6XDkAVXonW295FHPHSVshSLNKN9Lxt3PbFsRG4KIpSurEtajG4UDnPpqNk6_J5GW9I849iN4v-NMMAzqtRQAvwj2-h3xufymgn2tRA0t2CpuNaQU7DIt9MQgYt2TovQaGTDiHeZRiIAHPlfwvCXlIsp1Ug9V45h5ulKxxELhmM6U9UBSMNxMIY2MJf81l9VdaapoWRD4CEJDl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0E8C 37 B
140 B 198ms
60ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 18 Aug 2022 02:00:48 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 58B9 281 B
573 B 266ms
53ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Aug 2022 02:00:48 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 18FE 3 KB
2 KB 307ms
65ms Document
text/html 23.47.209.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Aug 2022 02:00:48 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FFA9 52 KB
17 KB 270ms
58ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 18 Aug 2022 02:00:48 GMT
ETag: "623de86a-cf34"
Expires: Fri, 19 Aug 2022 02:00:50 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 58B9 31 KB
10 KB 54ms
54ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 29fb2a90618cac5595f1a643d4c39eaa481670b3348c4b29f0f283aca788bc9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 18 Aug 2022 02:00:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37056
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Thu, 18 Aug 2022 12:18:24 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FFA9 0
742 B 53ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:48 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 71557ca4-68fc-4482-90e8-3493d52cf552
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 9916
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

198ms
82ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd20ceb0fae98369d40120bc52f074f1da607cf2f707d39640aa837cf47cbba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73c70ed7fb7688bf-LHR
content-encoding: br
content-type: text/html
date: Thu, 18 Aug 2022 02:00:48 GMT
dropped-udsids: 241|45|39|230|40|41|57|26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fxi%2BwmXjqb2TY9jSLVKin2Wo1zAKnAWXJqacrQm1WQncXwpNmuW5huv1NymnWGQHSlBClsMrRdTktGWjCW8VreuxAMVtYqsbsLj5%2FA6cir3m7pl84BGrEJ7sArkWOVvVxAu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73c70ed6c8777437-LHR
content-type: text/html; charset=iso-8859-1
date: Thu, 18 Aug 2022 02:00:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjYWyT%2BytFzfyYtZKn%2FWUSfE84QhyqRyhw8Il6%2FxStJwwGux81ZSLfYWZ1POQVxFVHq2M%2FSPFIu90GxKVTL%2Fl620q0T3NoN4lKUPhx0qhOmzc%2BuNod%2Fzg5CbVbL2BYRhx5gv1%2BI323%2FD6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 58B9
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6YEBKLN-17-43ST

0
732 B

465ms
309ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6YEBKLN-17-43ST
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8537D84FE7AA4CF0AF533A9CEBA34BCB Ref B: FRAEDGE1408 Ref C: 2022-08-18T02:00:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-source-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmelm1Azs0KKn2w+Tdog==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6YEBKLN-17-43ST
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 58B9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/5O7XW3Y9gD5ZfukzsQ4eG8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5405878152503863265

0
239 B

56ms
55ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5405878152503863265
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

date: Thu, 18 Aug 2022 02:00:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5405878152503863265
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 58B9
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6YEBKLN-17-43ST&sigv=1&esig=2~a88ef5d18f1ad7f32d118823eb581139a39156c4

0
194 B

288ms
68ms

Image
text/plain

2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6YEBKLN-17-43ST&sigv=1&esig=2~a88ef5d18f1ad7f32d118823eb581139a39156c4

Protocol

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:48 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6YEBKLN-17-43ST&sigv=1&esig=2~a88ef5d18f1ad7f32d118823eb581139a39156c4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 58B9 0
239 B 240ms
56ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58B9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2VhZWY2NjExODA2Y2RjYWViMzcxNGZhM2MzMmFiNGVjM2ExMWQ3YQ

170 B
317 B

62ms
62ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2VhZWY2NjExODA2Y2RjYWViMzcxNGZhM2MzMmFiNGVjM2ExMWQ3YQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2VhZWY2NjExODA2Y2RjYWViMzcxNGZhM2MzMmFiNGVjM2ExMWQ3YQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58B9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZZRUJLTE4tMTctNDNTVA==

170 B
232 B

65ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZZRUJLTE4tMTctNDNTVA==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZZRUJLTE4tMTctNDNTVA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 58B9 0
98 B 185ms
62ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 58B9 70 B
265 B 175ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9916
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB&dcc=t

43 B
645 B

135ms
135ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3QNXPKB4ZCZ87XZ8A50P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9TT2NKEDR0DHGE9GYQT3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9916
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv2dUCG270LESB3yk7jTLgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqYIVsbND6mVQpw362t61Q&google_cver=1&gdpr=1

43 B
957 B

131ms
83ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqYIVsbND6mVQpw362t61Q&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73c70eda8f2876dd-LHR
pragma: no-cache
date: Thu, 18 Aug 2022 02:00:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm%2BJqZLlryagN3lWBmwoC0Zq1xTrVIAhX0C%2BnfczYug%2B1ysP%2FFZS%2B%2FEYX%2FIiyH7EnZ37eSuMooF7jbbSkETqn1fHIFNBfC%2BXemu%2F5AJX2%2B9%2Bjl9bx1lwhMmEyRnt4%2F4q1t91mLdQBCxviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqYIVsbND6mVQpw362t61Q&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9916 70 B
264 B 55ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9916 170 B
232 B 76ms
63ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yv2dUCG270LESB3yk7jTLgAABKYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 02:00:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 9916 43 B
408 B 323ms
57ms Image
image/gif 72.251.245.179
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:49 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-7
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9916
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559724146964683

43 B
910 B

80ms
80ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559724146964683
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73c70edaef7d76dd-LHR
pragma: no-cache
date: Thu, 18 Aug 2022 02:00:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1QDyp%2F7VTaEuKJKAanqGS2hXANWRlODmunjqFkSxePhKSEdm59CvQ3m9IqWZZZDttx3FkaUfHGk%2F5WIZNY9rGVCEbLbWVsfGHqXj4v20J2TNlURnkPi37C%2BEQn0uRFI07E2D7oVghsGBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559724146964683
Date: Thu, 18 Aug 2022 02:00:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 9916 0
99 B 265ms
54ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yv2dUCG270LESB3yk7jTLgAA%261190
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 53615

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9916 43 B
424 B 168ms
53ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yv2dUCG270LESB3yk7jTLgAA%261190
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 02:00:48 GMT
cf-cache-status: HIT
age: 122
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73c70ed94f50775b-LHR
expires: Thu, 18 Aug 2022 06:00:48 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 96A5
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

137ms
137ms

Document
text/html

52.203.133.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.133.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-133-218.compute-1.amazonaws.com
Software: /
Resource Hash: 445e340df61cd8d22e73109ebc582fc8e47de47aa1c5f350072973d60f789e71

Request headers

Referer: https://r.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 02:00:49 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Thu, 18 Aug 2022 02:00:49 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Thu, 18 Aug 2022 02:00:49 GMT
location: /um/cs&eq_cc=1

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame 96A5 43 B
906 B 75ms
74ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d1b84ac4-8c9d-4610-9066-1edf37ce7da9&expiration=1668736849
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73c70edc289d76dd-LHR
pragma: no-cache
date: Thu, 18 Aug 2022 02:00:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IfSZqrSeTsVzpR4p3LkgZ04rk5XNwHnrxg4OI1aJc%2FIc05xlBaXJ0InckQqSA5EadnizwbX4Tv2K0E6Of13l%2BzxOMAxgfmAlp8UhWhFNaaP1y3hkz0usaXMdIRqjZtuHPOBFP3ZowARGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FFA9 0
742 B 53ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Aug 2022 02:00:49 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5a55d179-57dd-48b0-bc95-203799c0d68e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pravda.com.ua/	1970-01-20 06:03:00	Name: pageviewCount Value: 1
www.pravda.com.ua/	1970-01-20 05:21:14	Name: _io_ht_r Value: 1
.pravda.com.ua/	1970-01-20 05:19:48	Name: __io_d Value: 1_705468254
www.pravda.com.ua/	1970-01-20 14:05:24	Name: __io_lv Value: 1660788044374
www.pravda.com.ua/	1970-01-20 14:05:24	Name: __io Value: 1b4c41bb6.1655ebac6_1660788044375
.pravda.com.ua/	1970-01-20 05:19:49	Name: __io_session_id Value: b877516ad.5d26e5e60_1660788044376
.pravda.com.ua/	1970-01-20 05:19:48	Name: __io_nav_state42124 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.pravda.com.ua%22%2C%22previousDomain%22%3A%22%22%7D
www.pravda.com.ua/	1970-01-20 14:05:24	Name: __io_unique_42124 Value: 18
www.pravda.com.ua/	1970-01-20 05:21:07	Name: __io_uh Value: 1
www.pravda.com.ua/	1970-01-20 05:19:48	Name: __io_visit_42124 Value: 1
www.pravda.com.ua/	1970-01-20 14:55:48	Name: cbtYmTName Value: nuW89/q8pLyv+qum/f2n//j6pqf4raqrvOMm
.pravda.com.ua/	1970-01-20 05:21:14	Name: _gid Value: GA1.3.1306292869.1660788044
.pravda.com.ua/	1970-01-20 05:19:48	Name: _gat_gtag_UA_554376_1 Value: 1
.pravda.com.ua/	1970-01-20 05:19:48	Name: _gat_UA-554376-1 Value: 1
.pravda.com.ua/	1970-01-20 05:19:48	Name: _gat_gtag_UA_554376_23 Value: 1
.pravda.com.ua/	1970-01-20 14:55:48	Name: _ga_MRSXWZPM31 Value: GS1.1.1660788044.1.0.1660788044.0.0.0
.pravda.com.ua/	1970-01-20 14:55:48	Name: _ga Value: GA1.1.820788045.1660788044
.tt.onthe.io/	1970-01-20 05:21:14	Name: io_uid859faaebd514d65ed0a19a5eea288384 Value: 18
.tt.onthe.io/	1970-01-20 11:41:24	Name: io_user_hash Value: 1b4c41bb6.1655ebac6_1660788044375
.admixer.net/	1970-01-20 07:29:24	Name: am-uid Value: 0929d851eb9741f9b7b62fe90d3d0b93
.rubiconproject.com/	1970-01-20 14:05:24	Name: khaos Value: L6YEBKLN-17-43ST
.rubiconproject.com/	1970-01-20 14:05:24	Name: audit Value: 1\|naVuGyos1qryWXF/TK4eXq2qEsFCZ0ctSdOhPT1GMTmBH6ymE720AASJ0gqAnd+fDeArVX3AY+pcQ35f6D1mTeBxGCOXoSK1RsqIzrdodY/c6UO785F0Pw==
.adnxs.com/	1970-01-20 07:29:24	Name: icu Value: ChgIgO9-EAoYASABKAEwzLr2lwY4AUABSAEQzLr2lwYYAA..
.adnxs.com/	1970-01-20 07:29:24	Name: uuid2 Value: 264687044003161387
.pravda.com.ua/	1970-01-20 14:48:36	Name: __gfp_64b Value: TQHXRFATXE3PCBZ4rm5zbMZBqKZJZRhaM.88uFu2Wbz.M7\|1660788044
loadercdn.net/	1970-01-20 14:55:48	Name: vui Value: de1377d80e1a4e898ee2243c048c091b
.hit.gemius.pl/	1970-01-20 05:29:52	Name: Gtest Value: KlSr5MXGQMQG--7jM5CB6U2issGMXP8c25nSGD7E00DRXBG.
a4p.adpartner.pro/	1970-01-20 06:46:12	Name: apuid Value: 244c1427-a738-4820-be3b-ad487f58483b
.hit.gemius.pl/	1970-01-20 14:48:36	Name: Gdyn Value: KlSYVRMGQMQG--7jM5CB6U2issGMXP8c25nSGD7E00DRFRxSG7RrGS6Gw9aBFlMQYH8W8jBGqSRxSG8.
.pravda.com.ua/	1970-01-20 14:41:24	Name: __gads Value: ID=3046af23ae88be5b-2214139af9cd0053:T=1660788045:S=ALNI_Ma03IvElQdsG5SXv0FIvrq-CmlWMA
.doubleclick.net/	1970-01-20 14:41:24	Name: IDE Value: AHWqTUmidHP4W25PQVktglScZm4_tVwYoaUpfaq7qYBRUi-ssMI4zCc4atUZtqUFqmM
.criteo.com/	1970-01-20 14:41:24	Name: uid Value: 91ca259d-7651-4707-8e26-7c48fa8b75c6
.doubleclick.net/	1970-01-20 05:19:51	Name: DSID Value: NO_DATA
.pravda.com.ua/	1970-01-20 14:41:24	Name: cto_bundle Value: olfVd192SHl6T2pzNUY2SmV1aTA4aEJCUWw1UHdWaTFCWUVXdXFDRHduTGNIVERyWThhd01sSm9WRFk1WjF0SzFRZXJ6Mk5rUzM3UDFUd1liWUJEMUF5b3lsWTVGak5xY0JwNERtQzV5MEZNUXJIWVVCWGt2NGtWV0JYTlNTYSUyQiUyRjdqSk5EMkd1aW5BYXZOQXlCejJSVHpmSnR3JTNEJTNE
.casalemedia.com/	1970-01-20 14:05:24	Name: CMID Value: Yv2dUCG270LESB3yk7jTLgAA
.casalemedia.com/	1970-01-20 07:29:24	Name: CMPS Value: 1193
.casalemedia.com/	1970-01-20 07:29:24	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-20 14:05:24	Name: CMRUM3 Value: 3962fd9d5005a0&2962fd9d5005a0&1a62fd9d5005a0&2862fd9d5005a00&f162fd9d5005a0&e662fd9d502760&2762fd9d500b40&2d62fd9d5005a0
.casalemedia.com/	1970-01-20 05:21:14	Name: CMST Value: Yv2dUGL9nVAA
.yahoo.com/	1970-01-20 14:05:45	Name: A3 Value: d=AQABBFCd_WICELSgXXss91HTwUpTlt2n2KUFEgEBAQHu_mIHYwAAAAAA_eMAAA&S=AQAAAv-7gxFMIlp3f86czWo0YHs
.rfihub.com/	1970-01-20 14:41:24	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZgbmFhYGJpYGoAAKIXyuYQAAAA
.rfihub.com/	1970-01-20 14:41:24	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjE0MbM0MzGzMBbiM9QNzMxJDPF1DnEuCLUEACeAzUAlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjE0MbM0MzGzMBbiM9QNzMxJDPF1DnEuCLUEACeAzUAlAAAA
.eqads.com/	1970-01-20 07:32:16	Name: EQUser Value: UID=d1b84ac4-8c9d-4610-9066-1edf37ce7da9
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:05:24	Name: bcookie Value: "v=2&c4dc8909-737e-4a49-8f2b-70832a675fef"
.linkedin.com/	1970-01-20 09:39:00	Name: li_gc Value: MTswOzE2NjA3ODgwNDg7MjswMjEFeUVJ+Jfy0xysU47J0pZWJpOv/HwYR+AR6Vy+kSeB7g==
.linkedin.com/	1970-01-20 05:21:14	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2684:u=1:x=1:i=1660788049:t=1660874449:v=2:sig=AQFOwqcFQp9zN4vkhB94o4tlnncGmtBH"
.casalemedia.com/	1970-01-20 07:29:24	Name: CMTS Value: 1117

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3bdff97af19ff64603d980d381c38eb9.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.indexww.com
cdn.membrana.media
cdn.onthe.io
cm.adgrx.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
img.pravda.com
inv-nets.admixer.net
js-sec.indexww.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pravda.com.ua
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
s.amazon-adsystem.com
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tt.onthe.io
um2.eqads.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.pravda.com.ua
104.18.18.126
104.18.19.126
107.178.251.122
141.226.228.48
142.250.185.98
145.239.237.56
146.0.227.109
146.59.10.80
178.250.0.165
178.250.2.146
185.187.81.40
185.187.81.41
188.40.115.111
193.0.160.128
2001:4860:4802:34::36
23.205.235.133
23.35.236.188
23.47.209.6
2400:52e0:1e01::883:1
2602:803:c003:200::31
2606:4700::6812:c4c
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2004
2a00:1450:4001:801::2008
2a00:1450:4001:809::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638:1::3
2a05:d018:d29:3605:e5d2:c58:d552:4f0b
2a0c:5c81:5142::2
3.121.203.249
3.33.220.150
34.111.239.200
35.157.246.167
35.244.174.68
37.157.6.242
37.252.172.37
51.83.220.94
52.203.133.218
52.46.155.104
52.95.125.22
65.9.71.118
69.173.144.139
69.173.144.165
72.251.245.179
76.223.111.18
95.217.4.138
041e46bf70fbeb6e8c4efa5dd519679e7c18cc0ea0cf2401a1dc6731574b7b4d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071087b246c2cbc216d74d0e1d5c0d14d6a137e7b873fc3318bcab078b14ee91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e356b78afe67ec337baaa386cb060f0ef5aca5d2c868fd8d2332c87bd7bc226
0eed1f473c4f13ea403c87486f2bea8a957f587fb4ed1f110d5cd43cda2d51ca
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
135cf9c11f85dba3a5ec7d485df4462ec3b7df294012443bf8dd1ad799a77078
14891d20dbebc0e3872e67b1acef286a30fbf12c98f1005011d4aeb682885d61
156354d08804ab3c0e68fc65c392107c20c9b5dbab765ca4df275a6cd746bd65
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
228a3b791b4b5d31648dd5f362d6685586b53e1165920e9df80477a357aecc97
23a9684e7e6f917fad38a96337a0ee48eb3b0a2e7bdb6cbac5fa450cc725e354
255628716b2eea728756ce28e17a1d8716dbecec84a2dc8f9a6664c41f5fcd92
27f4eb20513cb49452d33d3d5a4fe5552e359026114da038e235ebf373b9bf6c
29fb2a90618cac5595f1a643d4c39eaa481670b3348c4b29f0f283aca788bc9b
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3bb0dfa05c210c131e1a42a4ceb185ac6ab85ddecfccdd61ac824f51e86ed5
304d40297abe04df37bdc9f7a76c05cf15f0124db2115e59251a2da3ff7ca631
32b4efdc24fd2b693c9800348306129eb872d13e9544a231a0fa404951ec57c7
33722d034ebb8fe75e8aa919f58938089c5dea99c37a2ddc71399b50f3d0fbcc
35ab93eb52b8aeb24f4b57fdea5f30071e9be463aa76c0f6647ae6fe1ca27bb7
38598c57a6a00f59c46600b82ba1b84da43ab190481e215fb085ca8a9fa3fee5
3a2703ae8a0552c91e4fafc14202f6ba8c10f7a357ff87561c7f409643ae789b
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3c67049709738f0329f0c2215a5b86149ce72a110b8abfdc3fb612808c645fa3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
445e340df61cd8d22e73109ebc582fc8e47de47aa1c5f350072973d60f789e71
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7407773f2f183fdd575c44139ac4140e09de764d8f968b9661f37060daf470
5136bc30e0a8e2741a8206510f7fe359f6aeb3b2f5c2b24e499420fc15263412
523685b138c067197cc856ab8fa9475d6ffbe6f9a9a715f596216b215bdfc5f3
541b9c442f365bea518281a0fb89808c5d12912c5aeb3265b38e1bdd05714354
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56924d6938efccd8bf71b17c4f5a285797bc300ef0b38e38e0561e3c647676b1
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
595dd2499b4804d96cb8ea66281f80040e94c54f8c7c7e1a98c5a3732f1310c8
59d64e77adf2a1383286f54d8132c96a33501f646345b32d3b1187051881a7cf
5bcf40695e94fad0412955244b79a9de0b41c7d8f94f7b95aa53013f4e6f8101
5d908df2ed371e7a111a94c1f3eeabaf2710bce42c09c752a4c7adeca89bf546
5e12c89302429b5985fc7abf62c5ff4a2fcb3ee23e44f1ae6cdf404532e2fc63
5e7dc84f014f3cf143f1f28e6458e185bf47fd5b369a94bcc00591a8d4d7963b
5e8806c944d37eee912157411e49fa929b014c527891e7b23d81cf287ddc4513
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b3a57dbff00412d3f43c711bd17958282579de059baf4045b1092eb4aa7e40
63db7ece9abe0eb8600a79b68d1226a43ed38c0893f9e4d4ff3ed3b0d5bfba47
63e1a1a75e683c02f5c8cbc8335937144ae91bb5c6ca0ae41ea1d4d222f492d7
65436f019d99777aab2956969d7bc4033b4d0a092d9e50210079fb59e8d52c46
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ae8d628a390b92b088a2124d91b96f52682a743e39b8160dadf3dd0e478d7cf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9455bfadc8c53d61e4342101a637e924f572b54e49a4761bca79129a1560fe
6c02be863954b84d5fe9e7d21fe0fabd0bf153d05eabcbb50c30fe981fafb416
6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
70bb5b87e6b41923f882a39c3b7b3ecdd1a8818c6e1b3f145700ed40943be567
70bf32bcb4c0ab5cfd8d6b03dd1178dd6d424f91547f8065fd600c32275862c5
7181c87bff521fce029fb02d9aa4bf8a7e17e6305530db7dafde75e9fad6846b
7289fa539d682275fdf1a2ae4a5e0cea5621a59b83d4cfd2288f6c55b3585c55
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf
7ad43801c1f03ca87b40de02a59f831b95d6ab6db3c57e309bcf705ee098a645
7ba14593e77bc12f5ae1b01d610adb0411c68ab696c9eaa5f68b1d860fa0d16e
7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c
7e4bb8cd155e5a2e5acf283cdd0fab9ce1a8c6a86d66bab7d328954d41ea2042
7fb20d4df2ecd0a04433dba27cdadae5c401b946bde339cd1b31f884b90a3b29
82a89a51ce8cc330d176ac79be5def72ce0553d7eaccad840d05372abdd2ed20
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8756da26ae9a97d9b844190e4ddcf2bf4a17e498a254be84773f160c9c051bd5
890f93d27b849a4833006695f8b3d4f3409930e3854d0f0b815730d84244ca4e
8957725b4a2c6f363f8ec89bf369c011beca10c776cabe4733c0a7fadd84af6c
89adb1de8feda64e6f2024544d45054fd5cfa9c415c1791babb97639e4ca9d6b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae725019222ebf6828d5be8379a9d545a94cac56698904aca22c1cee14522b6
8b01aa7824e0bf3826ab401b26a3a5e868f815b04cfe48b193c6fda7cc03f31f
8bfda264db168d213e64665c04ad52bfd69e589c9cdb1b6bbde5d32c4a9c65e2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9022649d2ca027a9992082a53db89055bbd4284bb3b5b8599f4b2195b607b3e0
92018f774b7672c3c6b14261ceff2b806ada04880b54f94288b1f02623c676d7
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
93e3691bd78dd2699d106d6ed52f73234131a1fe7867ef66e2fee921d9bf5d34
95dabed6e4b69e93be9bdc32249f7ac74b10acf7fde2cc476e742fb3bb28d86e
96fa106a4c8327abd834abf8d6823dda48c1f021d22235adf3a11df693620ad4
9eaecaf0eb8a74bd2e9bbf29b474efd83f9c8c7112f65bcdf0b9db336fdf59ba
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a46d4b38174e5f94da05cb42fc32fc2bae3d422f632a2c9f013e2048c285a76f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6bdc481ff1e7fc106f2ef108fc061cf0a85e63859937a76366d198aebd20a1b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a9c4690acdee8689796dc9ff361885b351e01d63a2651056985f5f6380052f95
a9f36f1777542c33ef8454386ee72157dc1fe762e06cd7f2980f9742ca3b7be8
ae150613a020360264a78954fb52791895b256e97c5dae0dd8f4e8c4c9cc673d
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
af5a0d2908923020b34ad2806e554d810b0925f377414a3ffdb0aab354aa17a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b431f699b94d71e321c40c1a7ce7ea71b08a913ce8d393a707e158e188fd440c
b720b2bc8bf8edfedbf9a3501db8c53c375bbdef896a9bad7e047946fc57ef86
b8d24f54416baa39218b9f217d3efc874ba7e4cb597cb25349a3f80d66afddf3
ba2877237167ba93c334b14f745b54a850690c08fd87e8f605ec54d92b1873a6
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb6dd77bcd3df1932bffee1f7fd511e6660bf32b13cb2d468c3837368c7b2c4
bd20ceb0fae98369d40120bc52f074f1da607cf2f707d39640aa837cf47cbba9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c243545269963658953178987b1396c27c16b503520a38e9db08fdde467d3227
c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc73aa2e43e513212fa2e9168705eff0bdef00cdd474037906710dd3ab77b68c
ceb7ecbf9bd1f7b3dd9f5ca431d2f6e2299e9282b78a90a8b0e0afb6eb4a5cd5
d5994fd4c600a990b29cf1c09bcef124a479ab00025ecb1f1e577f2c7ecfc3ba
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dc56fba3f992bec0569b77f8e101e685a31131cc97512e27eabc0bd0845fa14f
dcb9a5d5221c906abdaa6cdb3e6ed63d1d04fa9e7d6800bb9003abb1ea7cb53a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e16fc16156681b8b79356764b0a4f7231c0f030987d817a32368c010d0064581
e2e2e7df150b15c090f0ed47cfc3fba72b1a35e4a3404f87cd1de3a8336a86c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440285a577220b5c9ef4e84340f6280108ca28ac6b77f8739f798a5f650bf81
e4ae474c81a682c2773a1e561d05bb8df7ecdeadb9adbdbaca50afc10ec4cd4e
e6da904b5cecb6388a0f4b9b91e30ee80d30ba5aadbc2cde5d6e8487b797172a
ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d
ee7e6081e9c48b02da03c5dd4a34c85f933932e318212dd344251c37d87e0c58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dabbbe6a916bd637cf5addfeea3ae2eb430101969d3ce0f0796acbef642afb
f3a22ad2b35d79604cdabf5e4aa079aa55a39c7d7d89eb0830fe8e1deb6207bb
f4b7e9af1ec41968144306faf871842d0a19ec7b137dcc9c7ab59542aa5e8aa3
f4f81d7ec04815b2abf10bdffa0a8e867f48835b1a350b87698e8a01a1f44a50
f5091398c530fd22757a6eb83f8ea3e84afe33e417903959edc8b9c51c2ffbe9
f687aea5c1d558829312fdf7d1f1c4daff6d4b81eb50f0f6c54517d3261b403d
f6d25901d353011fe85625c2f4cc915986e1508184eb67ae69643cca0d66028c
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f83c80775adf9bc5eacc59ae64ee19e14ce4b54109aaaac2447fe54b2bc9c543
fc305fdfcc002fdfa3b77fbe4a4d50a0bcc6fd4f3ae66ab869762eba12100095
fe0735824c048f03d337374cefcdb74eab99e9f197c04888566184f7fb956808

www.pravda.com.ua Open in urlscan Pro 107.178.251.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

94 %HTTPS

40 %IPv6

35 Domains

61 Subdomains

55 IPs

14 Countries

4476 kBTransfer

7076 kBSize

49 Cookies

84 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

94 %
HTTPS

40 %
IPv6

35
Domains

61
Subdomains

55
IPs

14
Countries

4476 kB
Transfer

7076 kB
Size

49
Cookies

177 HTTP transactions
13 data transactions