pryvitayko.com Open in urlscan Pro
91.200.40.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pryvitayko.com/
Effective URL:
https://pryvitayko.com/
Submission: On April 12 via api (April 12th 2023, 3:57:09 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 32 domains to perform 126 HTTP transactions. The main IP is 91.200.40.115, located in Ukraine and belongs to HVOSTING-AS, UA. The main domain is pryvitayko.com.
TLS certificate: Issued by R3 on March 25th 2023. Valid for: 3 months.

This is the only time pryvitayko.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	91.200.40.115 91.200.40.115	43773 (HVOSTING-AS) (HVOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.123.183.188 3.123.183.188	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	3.122.65.10 3.122.65.10	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.220.218 52.209.220.218	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:dc73:e56b:3a29:5c67	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	35.176.154.189 35.176.154.189	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	3.9.228.212 3.9.228.212	16509 (AMAZON-02) (AMAZON-02)
126	28

29 91.200.40.115 (Ukraine) 1 redirects

ASN43773 (HVOSTING-AS, UA)
PTR: h115.hvosting.ua

pryvitayko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.pryvitayko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.183.188 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-183-188.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.65.10 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-65-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.220.218 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-220-218.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:dc73:e56b:3a29:5c67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.154.189 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.228.212 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-228-212.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	414 KB
29	pryvitayko.com 1 redirects pryvitayko.com i.pryvitayko.com	653 KB
20	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 ad.doubleclick.net — Cisco Umbrella Rank: 172	103 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 26975 ad4m.at — Cisco Umbrella Rank: 9897 assets.ad4m.at — Cisco Umbrella Rank: 39498	587 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	gstatic.com www.gstatic.com	29 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18634 api.webgains.io — Cisco Umbrella Rank: 52635	31 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	146 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7832	818 B
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1034	170 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 77468	734 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 80279	514 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 34452	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 115789 static-de.ad4mat.net — Cisco Umbrella Rank: 149981	4 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284	307 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 51648	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 34696	2 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 138886	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 88501	1 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1912	174 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	876 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	605 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	23 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	82 KB
126	32

	Domain	Requested by
19	pryvitayko.com	1 redirects pryvitayko.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	pryvitayko.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	i.pryvitayko.com	pryvitayko.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.gstatic.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	use.fontawesome.com	pryvitayko.com use.fontawesome.com
3	fonts.googleapis.com	pryvitayko.com googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	r.scoota.co	2 redirects
2	pm.w55c.net	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	pryvitayko.com
1	cdnjs.cloudflare.com	pryvitayko.com
1	code.jquery.com	pryvitayko.com
1	www.googletagmanager.com	pryvitayko.com
126	41

This site contains links to these domains. Also see Links.

Domain
invite.viber.com

Subject Issuer	Validity	Valid
pryvitayko.com R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 16 frames:

Primary Page: https://pryvitayko.com/
Frame ID: F31FC2EE1D22EA4C33EC17735DB830B4
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: C6C95D5A4802069BDB3A86F514587F11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&adk=1812271804&adf=3025194257&lmt=1681315024&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpryvitayko.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024292&bpp=6&bdt=168&idt=259&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: BBB9E54482369AFB2D7460EA721D16A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016760915413577&output=html&h=600&slotname=9979384041&adk=1131437977&adf=3996036120&pi=t.ma~as.9979384041&w=300&fwrn=4&fwrnh=100&lmt=1681315024&rafmt=1&format=300x600&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024338&bpp=21&bdt=215&idt=260&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GzLH0lZNH&p=https%3A//pryvitayko.com&dtd=269
Frame ID: 998D3866D6A3EABDCB1AD4BEBF04D263
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11
Frame ID: E20A290140DF4418B8A0D220F3353533
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3F0B67F88B7E8C1712B7DBCC7F9E868C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 58B9A6ADD22F82B01DB833508AD443E8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 87624D2E77AACE81992888E0613A5E5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 87472DDFD810227259A19A8FFC341DB8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: E94A05DE1DBB244EE3F59A108935A78E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D
Frame ID: 00CF20CA83C8CF98BD9F46AF0CAC06FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5BB05C709645DC29BE73922A8B7FB32E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1AF2D62637ED26743EA69D6807BE7E8F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Frame ID: 9CDD102A9600A7CC4029B03077A26781
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D369105D2330A1999965DDE312C165D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FA6AF222FE849201697884D05A7D343
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Привітання на всі свята

Page URL History Show full URLs

http://pryvitayko.com/ HTTP 301
https://pryvitayko.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

126
Requests

94 %
HTTPS

56 %
IPv6

32
Domains

41
Subdomains

28
IPs

7
Countries

2291 kB
Transfer

4749 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://invite.viber.com/?g2=AQAL%2BCfmvuHFWkubpkWLqTAw1sUZf9RiSHJqs%2BrCfjrOEwCgvlPD6PKbpubjFl5S

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pryvitayko.com/ HTTP 301
https://pryvitayko.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJjqFZ7Pz4ArV_AZhOdFEEziTS00-Ph2b-m6faTOKKaw3Cgbo42EcuAVoqs HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJjqFZ7Pz4ArV_AZhOdFEEziTS00-Ph2b-m6faTOKKaw3Cgbo42EcuAVoqs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VnQlZ4Yk8xUE1DUWg1&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJjqFZ7Pz4ArV_AZhOdFEEziTS00-Ph2b-m6faTOKKaw3Cgbo42EcuAVoqs

Request Chain 89

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAns9rGcAcW28CjUU9QBcLs&google_cver=1&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-siztga_TFwM4j_GI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-siztga_TFwM4j_GI

Request Chain 91

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKDKd8emniueOKMLBPD1IvA&google_cver=1&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKDKd8emniueOKMLBPD1IvA&google_cver=1&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=53266fd4-b742-47c4-bdf1-a7dd0ad0c30a&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI&google_hm=KV-kAWm7SIucFrq9sjok9Q==

Request Chain 92

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDHiw8ywyHMeKzzNjI9kRgo&google_cver=1&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD_XNIddyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD_XNIddyQ&google_hm=eS1RQVdHb0t4RTJwR3BPd2ZHbTFpRUx1ME1EMVBoMm1JRn5B

Request Chain 93

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdwT5mXJl8sTEm22yDrP8w&google_cver=1&google_push=Aer7DvLoqPC5ZyFSqBH_I3-la2nBbqDiYQITke236nPMWFRM_ANRgfDGoG0jIEDYp2Wrbd6vCpqGKQEZhw52R7TlJAlzhgT-xi1nDO8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdwT5mXJl8sTEm22yDrP8w&google_cver=1&google_push=Aer7DvLoqPC5ZyFSqBH_I3-la2nBbqDiYQITke236nPMWFRM_ANRgfDGoG0jIEDYp2Wrbd6vCpqGKQEZhw52R7TlJAlzhgT-xi1nDO8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F1P4cOX0SoezzW3njaj1nQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLoqPC5ZyFSqBH_I3-la2nBbqDiYQITke236nPMWFRM_ANRgfDGoG0jIEDYp2Wrbd6vCpqGKQEZhw52R7TlJAlzhgT-xi1nDO8

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_cver=1&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtIu-LTIcVoTSnJp_OIMq50foltwQHrfIFnfT4sNnB2AuK-to0Enk5sIKL18UtIBSZovM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtIu-LTIcVoTSnJp_OIMq50foltwQHrfIFnfT4sNnB2AuK-to0Enk5sIKL18UtIBSZovM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_hm=ZDbU0iEVUB7FYPYIhGCKYAAABH8AAAIB&google_nid=index&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtIu-LTIcVoTSnJp_OIMq50foltwQHrfIFnfT4sNnB2AuK-to0Enk5sIKL18UtIBSZovM

Request Chain 108

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNzvmsfapP4CFUeS_QcdZlAGhA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 111

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COPzmsfapP4CFZDnuwgd9ioBYw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023041217570683810167427X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pryvitayko.com/
Redirect Chain

http://pryvitayko.com/
https://pryvitayko.com/

34 KB
10 KB

114ms
44ms

Document
text/html

91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

71ef4b8b063a1e0c75fbf4b95879be0083cd92e1480cd654bd2039f38dcbdf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-length: 8955
content-type: text/html; charset=UTF-8
date: Wed, 12 Apr 2023 15:57:04 GMT
server: Apache/2.4.38 (Debian)
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 12 Apr 2023 15:57:03 GMT
Keep-Alive: timeout=15, max=100
Location: https://pryvitayko.com/
Server: Apache/2.4.38 (Debian)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 50ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPM2KYW08D

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

306b4804c2bd869dea07758f94931a0046d41da859bb301f94b084dbf0723abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 15:57:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3ac8f8e7ca28c015328c1c7107d63abde799529cde0cd99e026410b2c0fbc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:08:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 15:57:04 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.2/css/ 58 KB
13 KB 53ms
18ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Requested by: Host: pryvitayko.com
URL: https://pryvitayko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Referer: https://pryvitayko.com/
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4AEHGDM8KFTJ19ZQ
age: 1483853
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2iWm6EXeE/tD4+k6FSi1wpyIXcMPsD4goMIenzLA2GPojOnYO3OeHXWLAhQ83jeZahPLUjvmuNuYNlvHB4TiWRg42PT404pMSMvdO/8/6CQ=
last-modified: Wed, 30 Jun 2021 15:40:53 GMT
server: cloudflare
etag: W/"c4af24ce595437830af0a401897698b2"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V05pov9iEa6FPYHi4xVJBMC0uK8LF0kLoVi3sBO1lhUUdXytj2RYnTUSaU0xLCDf%2BB56uNi6aeeIeZcnoB9HhBPYAvy4sWZcw3zX3nC3pZ3PQ2XKeGSCTqTUCI5J0TagimPiqUpCulmoVqHQ9%2F9bUwsw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b6ca9b50d5e9183-FRA

GET
H2 200 hs-mega-menu.min.css
i.pryvitayko.com/assets/vendor/hs-mega-menu/dist/ 3 KB
700 B 136ms
52ms Stylesheet
text/css 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-mega-menu/dist/hs-mega-menu.min.css

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

c86f1bd4f7f916d033affeceb6b7cb281b0999512ff94b6f46598d7e0c7d0ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "c5e-5f2eb3ee4c630-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 639

GET
H2 200 theme.css
i.pryvitayko.com/assets/css/ 469 KB
59 KB 149ms
66ms Stylesheet
text/css 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/css/theme.css

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

76bde7cf448741f4b12d0a5f1b50e6ad7e35f96bb0c87afff23b9128fbb9c185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:30 GMT
server: Apache/2.4.38 (Debian)
etag: "7537a-5f2eb3eeb3e70-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 59892

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 83ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7996847353855734

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a80a18edc942f6050bca6898ccd74465614dd7f3c398b7abf7875629c40e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48096
x-xss-protection: 0
server: cafe
etag: 2402781175377867049
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:04 GMT

GET
H2 200 v24.css
i.pryvitayko.com/o/ 7 KB
2 KB 148ms
65ms Stylesheet
text/css 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/o/v24.css?v=2

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

e19684452393b22a075091c85cd37a6db5348e8305e7b743ade3c1925507dd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 12:16:48 GMT
server: Apache/2.4.38 (Debian)
etag: "1b55-5f2ed5f905c11-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2064

GET
H2 200 logo.svg
i.pryvitayko.com/i/ 7 KB
3 KB 120ms
56ms Image
image/svg+xml 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.pryvitayko.com/i/logo.svg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

4f1a9424926628ea30753d21b92d31cd7a56e8e353351400e2a825b348dd0cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 12:06:28 GMT
server: Apache/2.4.38 (Debian)
etag: "1dce-5f2ed3aa65748-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3115

GET
H2 200 ee6b5e7dabeb9951b1ad02aa49f374e5.jpg
pryvitayko.com/m/gr/s/ 15 KB
16 KB 41ms
34ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/ee6b5e7dabeb9951b1ad02aa49f374e5.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

f222499388e3a2544945190f3dfb0980cf6803b5ad698ce31ef9ab04d7cf97b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "3d6e-5f2eb3ed823cf"
content-type: image/jpeg
accept-ranges: bytes
content-length: 15726

GET
H2 200 338.jpg
pryvitayko.com/m/gr/s/ 19 KB
19 KB 41ms
35ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/338.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

f8f144c277ca062d3384c36cc9a32aacbb15fe5b3f2b877ed4ed2ba6e33e7502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "4c46-5f2eb3ed758af"
content-type: image/jpeg
accept-ranges: bytes
content-length: 19526

GET
H2 200 dHoly.jpg
pryvitayko.com/m/gr/s/ 13 KB
13 KB 42ms
37ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/dHoly.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

7bbc89edcaa72b4ae7805744ed2ceb4164a909aa90ff3f79dc37af0b4d185f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "341a-5f2eb3ed7f4ef"
content-type: image/jpeg
accept-ranges: bytes
content-length: 13338

GET
H2 200 50.png
pryvitayko.com/m/gr/s/ 20 KB
20 KB 41ms
35ms Image
image/png 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/50.png

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

2635f737acedcacb7f377738361c61559e7159cf4278599ed588ef7b2cc399f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "4e96-5f2eb3ed8c00f"
content-type: image/png
accept-ranges: bytes
content-length: 20118

GET
H2 200 angels.jpg
pryvitayko.com/m/gr/s/ 15 KB
15 KB 41ms
35ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/angels.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

9a6f21060a952a6f533f2ba8dd7178c3d8905eef4e307fb31e8ad7a4adb69707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "3b16-5f2eb3ed7e54f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 15126

GET
H2 200 family.png
pryvitayko.com/m/gr/s/ 26 KB
26 KB 41ms
36ms Image
image/png 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/family.png

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

77d106ffc78a74e9513f1fdc816e2640b30b60a94a0a79fc742d9fbbaabbb030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "68d7-5f2eb3ed8df4f"
content-type: image/png
accept-ranges: bytes
content-length: 26839

GET
H2 200 professional.webp
pryvitayko.com/m/gr/s/ 11 KB
11 KB 42ms
37ms Image
image/webp 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/professional.webp

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

e96357668bafef780d7f0e427b089bc3173a2450b2749fee0b65f53f02d3690e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
accept-ranges: bytes
etag: "2ae4-5f2eb3ed7972f"
content-length: 10980

GET
H2 200 Religious.png
pryvitayko.com/m/gr/s/ 22 KB
22 KB 42ms
37ms Image
image/png 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/Religious.png

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

2e8155e65a0d405e2a3b11f8c41bd4a95ea688cc4465a8c07a1ee7ce5a6a9ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "5843-5f2eb3ed8c00f"
content-type: image/png
accept-ranges: bytes
content-length: 22595

GET
H2 200 toast.jpg
pryvitayko.com/m/gr/s/ 10 KB
10 KB 42ms
38ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/toast.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

141797e960cfbf8eb93b8f1c528f2d20a9f1b58771462850f6780ec08d22f70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "2723-5f2eb3ed8df4f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 10019

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 127ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eb4d8805290a4f33de76173ebbd02e426310efd8c28a87c4f671c2c6f13bed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47835
x-xss-protection: 0
server: cafe
etag: 8729527021824866252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:04 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 42ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: pryvitayko.com
URL: https://pryvitayko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://pryvitayko.com/
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1681315024.dop010.fr8.t,1681315024.cds317.fr8.hn,1681315024.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 32ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7154103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3y%2BYv4eCZTS4rs4ndMBJ86ipaqv25%2FJSs1HfR8oXJbZlzJc17%2BFgkllRCOpM6eGXpR40SZ6Jm06MTTZFpD7vnLGdDTz3K%2BLVrEPt7JoL8D5jYrM7HANM3ELYnN2I2ajvilMPi%2Bb5X7j42xdCAc0f67A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b6ca9b509dfbb50-FRA
expires: Mon, 01 Apr 2024 15:57:04 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 35ms
8ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pryvitayko.com/
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 15:57:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1854806
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
x-served-by: cache-fra-eddf8230104-FRA
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hs-header.min.js Show response
i.pryvitayko.com/assets/vendor/hs-header/dist/ 77 KB
7 KB 124ms
64ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-header/dist/hs-header.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

88fae5bcae1dfef54892da00bf8fd02cacfbdc4b455ddac5aba552eb73e3ccf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "135fe-5f2eb3edfe430-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6821

GET
H2 200 hs-go-to.min.js Show response
i.pryvitayko.com/assets/vendor/hs-go-to/dist/ 5 KB
2 KB 113ms
54ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-go-to/dist/hs-go-to.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

d97014e8fc65a68f94014321701b3ff04e3728aa88baf950510e6ee69b4c3ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "15e6-5f2eb3edb8ecf-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1858

GET
H2 200 hs-unfold.min.js Show response
i.pryvitayko.com/assets/vendor/hs-unfold/dist/ 34 KB
6 KB 38ms
34ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-unfold/dist/hs-unfold.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

82a55e91e73a7fc692cc3fe7f937eec8bff511bc6e203978680e963062605b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "8622-5f2eb3edf8670-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5661

GET
H2 200 hs-mega-menu.min.js Show response
i.pryvitayko.com/assets/vendor/hs-mega-menu/dist/ 101 KB
14 KB 39ms
36ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-mega-menu/dist/hs-mega-menu.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

5201be36ed69b04a5f531dfc143cb63b54ae00c6518822bbf683e2107f394e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "19413-5f2eb3ee4c630-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 14394

GET
H2 200 hs-sticky-block.min.js Show response
i.pryvitayko.com/assets/vendor/hs-sticky-block/dist/ 8 KB
2 KB 38ms
35ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/vendor/hs-sticky-block/dist/hs-sticky-block.min.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

3ca809c3cb920e9f101e6c0a55e490b34896224afcada70366f60533feded3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "1e27-5f2eb3edf76d0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2144

GET
H2 200 hs.core.js Show response
i.pryvitayko.com/assets/js/ 528 B
397 B 38ms
35ms Script
application/javascript 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.pryvitayko.com/assets/js/hs.core.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

9836fdcbfb17541cf8fb1793cf45c07b84a9cd3a0633d513ef049e113cc423bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "210-5f2eb3ee504b0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 343

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 92ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EPM2KYW08D&gtm=45je34a0&_p=2113743593&cid=29839699.1681315024&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681315024&sct=1&seg=0&dl=https%3A%2F%2Fpryvitayko.com%2F&dt=%D0%9F%D1%80%D0%B8%D0%B2%D1%96%D1%82%D0%B0%D0%BD%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D0%B2%D1%81%D1%96%20%D1%81%D0%B2%D1%8F%D1%82%D0%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPM2KYW08D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pryvitayko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7996847353855734&plah=pryvitayko.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7996847353855734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdabf395629e1fcaca5d5e76c4e42753139853557f459aaf51dfda5487f5e201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118930
x-xss-protection: 0
server: cafe
etag: 2861820452732794407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame C6C9 10 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7996847353855734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:37:40 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:37:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.2/webfonts/ 78 KB
79 KB 52ms
51ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GWYM601WPF7YFYEC
age: 2005202
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80252
x-amz-id-2: Tbr43Ed6CSeSVG0r2KnYM7OeyN8+gRlTnD6AjUyRXte/ZkZlE81hsqt6Dh+4c0BI+UQ2jXmOs9I=
last-modified: Wed, 30 Jun 2021 15:41:15 GMT
server: cloudflare
etag: "9ae050d1876ac1763eb6afe4264e6d5a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SRj8TMqz9vnMpwHRlaazbOQlhbjyehiYt7RiwJJWszJJ%2F5R9jNJIguTfxoVS89F1ImJw9zE2EmRk6Q4%2BkRpYmLf%2Frm%2F%2FVHOK0%2BJO6HkGbAwTD0dG6ceny8etcB6pFmtA0q3%2FRYJ%2FsaNaCYmI3Fhv0yF"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7b6ca9b62f359183-FRA

GET
H2 200 48_holiday.jpg
pryvitayko.com/m/gr/s/ 50 KB
51 KB 43ms
42ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/48_holiday.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

164e70e105282eed63b5034150ada84267ea9376deea6d6cd4cba1bddf12f035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "c9c7-5f2eb3ed871ef"
content-type: image/jpeg
accept-ranges: bytes
content-length: 51655

GET
H2 200 50_holiday.jpg
pryvitayko.com/m/gr/s/ 56 KB
56 KB 43ms
42ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/50_holiday.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

97d4ef5845ee810273dbec3d56b9630e46de19b8b177817b6166239ee07e5bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "de4b-5f2eb3ed8c00f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 56907

GET
H2 200 279_holiday.jpg
pryvitayko.com/m/gr/s/ 32 KB
32 KB 44ms
43ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/279_holiday.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

dc58d8a2f30223f886b1aa2a4d76e145f4fe661651bf069bbd700b51479f3b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "7e0b-5f2eb3ed90e2f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 32267

GET
H2 200 284_holiday.jpg
pryvitayko.com/m/gr/s/ 51 KB
52 KB 44ms
43ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/gr/s/284_holiday.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

4e07e9a19229a5a2c601d5ec2f86d3fac24aa1a782b0dd01daa76edd8cdadf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:29 GMT
server: Apache/2.4.38 (Debian)
etag: "cdf2-5f2eb3ed823cf"
content-type: image/jpeg
accept-ranges: bytes
content-length: 52722

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.2/webfonts/ 77 KB
77 KB 20ms
17ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Origin: https://pryvitayko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6MXEMNEKXFE1XNK2
age: 1483867
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78472
x-amz-id-2: CoN2wtkTi8n+GLKwBtsp8yhmcVkCYc9DlAsUbCvmEDC8O6yS6ouoU2bqEapXrkBQq4O/axeaVXz7N4KXTdCK1g==
last-modified: Wed, 30 Jun 2021 15:41:15 GMT
server: cloudflare
etag: "0c9f225e8f69c622f681cf1ed973cc3d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WZct25oilMEF7imLsOXmw5ZihoHObrWtIHN7jVDD129h774ZVxMOrOThhAzpGQxdAM7bPyqN5maHb1eW8YIOP2fmgR7OlDakWFf%2FOgPtYVbQ%2Bh%2FyvWaZyXvDCBQ8mO%2B4piRViHG9aRGZ4oGx2kC%2FNhT"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7b6ca9b68c1bbbbb-FRA

GET
H2 200 1248_news.jpg
pryvitayko.com/m/articles/sm/ 52 KB
52 KB 95ms
89ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/articles/sm/1248_news.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

28dff197b89795f8e20ac313168d96a7f588582036ba924bf7fb93b32795271e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:26 GMT
server: Apache/2.4.38 (Debian)
etag: "cf40-5f2eb3eb1718d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 53056

GET
H2 200 3254_news.jpg
pryvitayko.com/m/articles/sm/ 72 KB
73 KB 98ms
92ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/articles/sm/3254_news.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

5507ccc19e167b5e92c512c7e6f573c2694ef9b6dfdaf000dc5536eedd65e42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:26 GMT
server: Apache/2.4.38 (Debian)
etag: "12174-5f2eb3ea9a18d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 74100

GET
H2 200 3253_news.jpg
pryvitayko.com/m/articles/sm/ 41 KB
42 KB 93ms
88ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/articles/sm/3253_news.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

74347e4bdefa2beda7b2869c6c104a6b99d02069bc217a0cd691cf8e481960db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:26 GMT
server: Apache/2.4.38 (Debian)
etag: "a55f-5f2eb3eab476d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 42335

GET
H2 200 3252_news.jpg
pryvitayko.com/m/articles/sm/ 37 KB
37 KB 94ms
88ms Image
image/jpeg 91.200.40.115
HVOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pryvitayko.com/m/articles/sm/3252_news.jpg

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.200.40.115 , Ukraine, ASN43773 (HVOSTING-AS, UA),

Reverse DNS

h115.hvosting.ua

Software

Apache/2.4.38 (Debian) /

Resource Hash

a025f0c647e2f84ab831fe6d79a93fb2b5592e0ad432f79925b3d71fbc28c6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 23 Jan 2023 09:44:25 GMT
server: Apache/2.4.38 (Debian)
etag: "93fa-5f2eb3ea01c0c"
content-type: image/jpeg
accept-ranges: bytes
content-length: 37882

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
605 B 38ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pryvitayko.com&callback=_gfp_s_&client=ca-pub-7996847353855734

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7996847353855734&plah=pryvitayko.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc3b38da1de1a63901a3683e58e4bc35adf33ca3db0c7bc1825546cbea8d546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 104ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 58ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
107ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=oPloader&cls=page-preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
108ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=oPloader&cls=page-preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBB9 170 KB
47 KB 673ms
672ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&adk=1812271804&adf=3025194257&lmt=1681315024&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpryvitayko.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024292&bpp=6&bdt=168&idt=259&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805baedb75a704500e528eeed79dab1a0c754bf2381c5cdadf51adde43c90797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48196
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
expires: Wed, 12 Apr 2023 15:57:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 998D 84 KB
32 KB 766ms
763ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016760915413577&output=html&h=600&slotname=9979384041&adk=1131437977&adf=3996036120&pi=t.ma~as.9979384041&w=300&fwrn=4&fwrnh=100&lmt=1681315024&rafmt=1&format=300x600&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024338&bpp=21&bdt=215&idt=260&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GzLH0lZNH&p=https%3A//pryvitayko.com&dtd=269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60039b371aaa00075ab50d333fac2bbc0e1c1b255bd2c5a011c9b6facf13bebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
expires: Wed, 12 Apr 2023 15:57:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19a3dba474323d14459407d21ca8db45699837e0ad7edaf2bc851bcc62bc91ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52071
x-xss-protection: 0
server: cafe
etag: 18045310164290053051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E20A 27 KB
12 KB 402ms
401ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86faf6a6690d3facf6040807d90855a40d08bc1ec22e3afe9fc6ffd35fe3d462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
expires: Wed, 12 Apr 2023 15:57:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 998D 2 KB
845 B 64ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016760915413577&output=html&h=600&slotname=9979384041&adk=1131437977&adf=3996036120&pi=t.ma~as.9979384041&w=300&fwrn=4&fwrnh=100&lmt=1681315024&rafmt=1&format=300x600&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024338&bpp=21&bdt=215&idt=260&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GzLH0lZNH&p=https%3A//pryvitayko.com&dtd=269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:38:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 998D 22 KB
9 KB 61ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 998D 3 KB
1 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 10:50:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 998D 20 KB
8 KB 61ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 998D 159 KB
49 KB 78ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 998D 33 KB
14 KB 54ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 998D 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-dC_0NQ2ZPmPKvrto9kPxfigkAX11cqEcOuA3NGpEZOkstHrARABIM29xyFgleKQgqAHoAHkyfupKcgBAagDAcgDywSqBMIBT9Ak1KckVKbbl1EUTppZp8w_J0Z4Kc8JMmuCCqir1r78TDn8LK9PeEyHaqKCxKkILZbRvZ-GPYEOkJaDWnGHKVS7kJBOrecb8GbTnbyYpP8JFgLHQgYlGZbQqpw5yX7CnLAiYzPdFixoSKVTxsnPl93IvWSaM9XaGEla5oqeXOwTGP2ek6cGSvAKU8JWkiq5gUGxo_lV9RQxp76M16fMeEPGyP_gV2UsjV3CzHYezlzh_QrHBZvTSRLEMA193SZtDuzABPHVjqK0BJIFBAgEGAGSBQQIBRgEoAYCgAfkgcyJBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPiyAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTEwMTY3NjA5MTU0MTM1NzcYAA&sigh=-ZdwUHysnNY&uach_m=[UACH]&cid=CAQSGwBygQiDEWl-M-Cw6mqY7jYtOlGinIO3SuTVzRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016760915413577&output=html&h=600&slotname=9979384041&adk=1131437977&adf=3996036120&pi=t.ma~as.9979384041&w=300&fwrn=4&fwrnh=100&lmt=1681315024&rafmt=1&format=300x600&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315024338&bpp=21&bdt=215&idt=260&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7465958625930&frm=20&pv=2&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3GzLH0lZNH&p=https%3A//pryvitayko.com&dtd=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 15:57:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pryvitayko.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/ Frame 3F0B 10 KB
4 KB 19ms
17ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 14:28:34 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 14:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 10170543178481295476
tpc.googlesyndication.com/daca_images/simgad/ Frame 998D 28 KB
28 KB 36ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10170543178481295476?w=360&h=720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d5dfcbcddd36c28416368d0943940cc3fa4da1f364fcf8af8f3d58ba97dfdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:05:36 GMT
x-content-type-options: nosniff
age: 35489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28731
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 04:37:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 06:05:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3F0B 4 KB
728 B 25ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:15:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3F0B 205 B
519 B 17ms
11ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:34 GMT
x-content-type-options: nosniff
age: 51271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Apr 2024 01:42:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3F0B 604 B
694 B 17ms
11ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:03:57 GMT
x-content-type-options: nosniff
age: 3188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Apr 2024 15:03:57 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/elements/html/ Frame 3F0B 19 KB
8 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:57:05 GMT

GET
DATA 200
OK truncated
/ Frame 998D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2df784524a7edbe7c7a2f6eebedc71d491910c5180ebdc3934b64519c304ff67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 58B9 8 KB
893 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:09:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 58B9 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:38:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 58B9 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:35:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 58B9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 10:50:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 58B9 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58B9 159 KB
49 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 58B9 33 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 8762 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 06:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 06:29:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8747 143 B
166 B 10ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame E20A 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:38:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame E20A 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 10:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 10:50:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame E20A 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 13:37:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E20A 0
0 45ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0hFBlWHm6ARV7g7_agobUqP_uVv2T9G3e_ky2NpPU9229VyQ9Bz4I1S5xZMHEGjvhZyzZ_B8mPii38AUY9bMbqIoJjg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E20A 159 KB
49 KB 55ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8747
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
27ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
expires: Wed, 12 Apr 2023 15:57:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame E94A 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: pryvitayko.com
URL: https://pryvitayko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 06:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 06:29:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E20A 0
0 57ms
54ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4i3q0dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEugFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcApqGg9EXvSgp9ECOaLf8urLh9nveVmEy76PRGtQ4gwDjkMdt2FVeOABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc5OTY4NDczNTM4NTU3MzQYAA&sigh=3idFLiAKUrY&uach_m=[UACH]&cid=CAQSPABygQiDqKaqtxpnf9x7cHG1zKijUxIESi3tiHOSqjr1SRFW7-eHeYzCchJzotov179KrqJme_LBwhkikRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 15:57:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E20A 0
0 79ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k8sa7t1ysm3c4ny814xxwhpmeynm341p3djgmqbe9t03h7st818ndf7parm2zsbm1kwqq25p41mkrwajfbajga0jmf4ry1hf5hmj380jk6vja7gkd225pp43bdrtjxp56d396e6d9wmbw79a0mbr8pqeyx6pb5rnygcf3kx8s08f012e8f7z247k026sre6mczn2cr003k75esnvv65g2sq0sxtg7f8mpg5d82dnfh1yda54fvax1bjfckmyscgnmh4c1byka1993z93467d3y8zt68zkefv15x9gb0njex83z3whckcsdznr075v90y1hvw2716ytx7mpxx4sg0fk9jfhz6bhmyacrbgr2zqfr9v9c2dvt5xbhm2d7xxey9av5e674zr&b=ZDbU0QAFdVYIFV3qAAkkiXZKsGeDL64J9z-EvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 15:57:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 00CF 2 KB
2 KB 89ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0e7941ca04c61b40f2fcf59818dcd45ae0c46cf242f390b59d33bb266f8596

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ca9bfc9d63a44-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:05 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5BB0 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Thu, 13 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E20A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1d5253d992f982d82d63502ef46701104ada8f7e9f1e4708d0df869d24265f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VnQlZ4Yk8xUE1DUWg1&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJj...

170 B
329 B

23ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VnQlZ4Yk8xUE1DUWg1&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJjqFZ7Pz4ArV_AZhOdFEEziTS00-Ph2b-m6faTOKKaw3Cgbo42EcuAVoqs

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 15:57:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0VnQlZ4Yk8xUE1DUWg1&google_gid=CAESEJaV9lOd_sdTYXRjWTyJt-o&google_cver=1&google_push=Aer7DvKmF3i65vhlO3j13F03v60Ny2l2TOihKxcoiiupxJjqFZ7Pz4ArV_AZhOdFEEziTS00-Ph2b-m6faTOKKaw3Cgbo42EcuAVoqs
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAns9rGcAcW28CjUU9QBcLs&google_cver=1&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-s...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-siztga_TFwM4j_GI

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-siztga_TFwM4j_GI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 15:57:06 GMT
Server: MT3 776 936c8db master zrh-pixel-x11 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIlr34DJyYD6UyET3OHdMRWtMOhKxBNNX4MOJWBfo3hAVmJig0PZGJUS35AB9TahKL8lmIC2kuSdzqCJs-siztga_TFwM4j_GI
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Apr 2023 15:57:05 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5BB0 0
174 B 54ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDjmI6TAFHe2mDkqSNuh610&google_cver=1&google_push=Aer7DvIdxlVwcAzi-UbMCHFbCuXrrMkGrEgkLAA5NBfj8pcGdNgNztqFJME9Cl9mOf5ahKYokXdJjNN0BkPdCVXWeyW5lrWBx0D1RQs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7996847353855734&output=html&h=90&adk=1561796920&adf=2497992842&pi=t.aa~a.2050878595~i.1~rp.4&w=730&fwrn=4&fwrnh=100&lmt=1681315025&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9232114815&ad_type=text_image&format=730x90&url=https%3A%2F%2Fpryvitayko.com%2F&fwr=0&pra=3&rh=183&rw=730&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681315025316&bpp=1&bdt=1192&idt=2&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8dc2e2e06dce1df7-22f5ac908edd002b%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA&gpic=UID%3D00000be0e554822e%3AT%3D1681315024%3ART%3D1681315024%3AS%3DALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg&prev_fmts=0x0%2C300x600&nras=2&correlator=7465958625930&frm=20&pv=1&ga_vid=29839699.1681315024&ga_sid=1681315025&ga_hid=2113743593&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31071755%2C44785293&oid=2&pvsid=534692130086080&tmod=685622679&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ILSwxa1XRc&p=https%3A//pryvitayko.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKDKd8emniueOKMLBPD1IvA&google_cver=1&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2Z...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKDKd8emniueOKMLBPD1IvA&google_cver=1&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=53266fd4-b742-47c4-bdf1-a7dd0ad0c30a&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI&google_hm=KV-kAWm7SIucFrq9sjok...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI&google_hm=KV-kAWm7SIucFrq9sjok9Q==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIKi-xuzcMg1yH_aAwjtkybBGQ2hj5G2UMFT9RFfej_DlF6o-JN1WI43LB60aTmgjwUwafkx42s2aqJ1T6vSs2ZWqHlm7NAFvI&google_hm=KV-kAWm7SIucFrq9sjok9Q==
date: Wed, 12 Apr 2023 15:57:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDHiw8ywyHMeKzzNjI9kRgo&google_cver=1&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD_XNIddyQ&google_hm=eS1RQVdHb0t4RTJwR3B...

170 B
188 B

26ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD_XNIddyQ&google_hm=eS1RQVdHb0t4RTJwR3BPd2ZHbTFpRUx1ME1EMVBoMm1JRn5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 Apr 2023 15:57:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLGITZyFog5IkPrdqFPfsvuT1foRF1lXSEuts6g0Mu6IlbsER_yeY9uipoDFyYxPGVW45bw3tCfgD37AbFoMUBrHbD_XNIddyQ&google_hm=eS1RQVdHb0t4RTJwR3BPd2ZHbTFpRUx1ME1EMVBoMm1JRn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F1P4cOX0SoezzW3njaj1nQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F1P4cOX0SoezzW3njaj1nQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLoqPC5ZyFSqBH_I3-la2nBbqDiYQITke236nPMWFRM_ANRgfDGoG0jIEDYp2Wrbd6vCpqGKQEZhw52R7TlJAlzhgT-xi1nDO8

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F1P4cOX0SoezzW3njaj1nQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLoqPC5ZyFSqBH_I3-la2nBbqDiYQITke236nPMWFRM_ANRgfDGoG0jIEDYp2Wrbd6vCpqGKQEZhw52R7TlJAlzhgT-xi1nDO8
date: Wed, 12 Apr 2023 15:57:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_hm=ZDbU0iEVUB7FYPYIhGCKYAAABH8AAAIB&google_nid=index&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtI...

170 B
188 B

22ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_hm=ZDbU0iEVUB7FYPYIhGCKYAAABH8AAAIB&google_nid=index&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtIu-LTIcVoTSnJp_OIMq50foltwQHrfIFnfT4sNnB2AuK-to0Enk5sIKL18UtIBSZovM

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 15:57:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDs9XdAoBo-UkG_-NaURJMk&google_hm=ZDbU0iEVUB7FYPYIhGCKYAAABH8AAAIB&google_nid=index&google_push=Aer7DvLJ4483gC66aBOZ4Ru8t68vxW_RvTFtIu-LTIcVoTSnJp_OIMq50foltwQHrfIFnfT4sNnB2AuK-to0Enk5sIKL18UtIBSZovM
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5BB0 0
130 B 76ms
14ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KedUUgLM0LYq_Q7LavlR6J5Nu8uLb6QHGYdTwqvXvCoValOnDk7w_eCy10nqGKugETrA3X

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 00CF 94 KB
12 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 103944
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zpDynbeRNqZ1zFMaO8zw%2FtuDvAfvZsB4MnHY1Pqu%2FE%2FnVncbW3vfEFzjOZiEhRKYUWT0L2H3nB%2Bg8V2upXCxOQbRQE1jgxFPFICCVDfyaIh%2Fbzh4HsC4gn44FA20bxfGmHmZFchrvc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ca9c03a663a44-FRA
expires: Wed, 12 Apr 2023 16:57:05 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 00CF 25 KB
10 KB 29ms
20ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 598447
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrbjkOrm30DoF2XoDP9U90JS1%2Bx1P5doEH%2BVEqfeXw63ztUUAM1QpAjo7ZHHUnZzlC%2B0eJtTdHO5rfPowt5x7NeAgz%2BT%2FM2XSk5KlmAbcHY9AUFgQ7Tz0OJ87xFnpokt0IklX1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b6ca9c03a6d3a44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 04 Apr 2023 13:45:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 00CF 3 KB
4 KB 79ms
23ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2255
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN3qBzYNX4ZdLTgT2GlEFTUSc9CcCEup3hU7yOQTrRuTRPXPrAgrnYtMcjtEeUHdL0Nbr1EerGgThfJmTCcWBAB76T8IhzgsCc4HaoZ%2BImey5mm%2F2vE0gW%2B5zTPe75915foGfmkjlkAMywS6pW5%2FStkD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7b6ca9c0ce1e5cb0-FRA
expires: Wed, 12 Apr 2023 15:56:26 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1AF2 2 KB
1 KB 51ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2674391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b6ca9c07ea630d2-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 15:57:06 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2kCnLVbIr%2F7lEh94btA3PTvRRu2ar0Fmd7A%2BpeEj9kLpLATOtEAWOacQW7gcy0CHFjInYmwEqJkjWwOejMBlRSw7BiM7YwFlEMsO%2BKcyxkROWRcw0Tn86s0Bc4EutC8M73K7oM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 00CF 1 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb58bf0ff3d323fe5b849bf0ffa07e094c9f27497e069fe03d8ef1cfb1ce475

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy4o4MeL0SMKBjgaJt%2FThwST3ez0AGhk4OS2yZG3OAi2Xqno676qufH6V7Fo3jh01i7KqtrGyo408ktneGNh9aUVMqndcRYPVQIzjUaGapAMa2epYDM82kuF1a3kC6Z51izRMFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7b6ca9c1390a2c75-FRA
x-backend-server: aa-reachservice-group-europe-west1-8rlm
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 55ms
30ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6ca9c108ab2c75-FRA
content-length: 24
content-type: text/plain
date: Wed, 12 Apr 2023 15:57:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq%2B%2BvYnDuTiKkvYA898k3hdxHwHHQZ%2FdJas%2B%2BB%2BZoBiI7oAmlv1YcgcfbgLs3WA4wYGrcjdpC0was2Nuu60cFya%2FTTeVEMpd1XApowK566Jx9c%2FCcbCz4Ay%2F%2FQeSpmjWpIrKct8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8rlm

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 86ms
79ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230410&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15279c08a6684677812b42c1210dbaaafd75143341a070c800c6de198e72ed2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11404
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9CDD 11 KB
5 KB 46ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0451eee73a1d5fbb3b898c317ca1dcce13880350d8c0439a35a1ffa52814646

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hchy122bpag8688j5tgpjxvgkftp9bde7vamhqxg1n3avyka0stqf42je30ne7y9pzx0ejzfgy59danpzncy25awy4dje6nfaax60jgdww1h7xaj3mq7r16eywe8k99q4r5f0edhewkr4e4smrr76x3pd2t12n52g6xe1qm07kcrwy2tq13acpzqxrqyw9fgrrpak06r4r15qkrmmhtg6zmp3kfcrgvrpd42twzgrs2vgz8gf04bba555974pd1r8nm94z46ef1gnrrtw569qwhtqk1jfyv26daam1eemw7n9c1shx5cwr8wr2pp6pph04mdxtkfrtr8b4p9f9rmvqnrjez29ndtfhtmaqwwymztd4zjnj7w64cqypmghgxn7jdb3znrjrrz5ec86hbbwtm4x98pnt762rpvkqcttezaw6jx1yg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%26client%3Dca-pub-7996847353855734%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b6ca9c1785b30d2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 300ms
299ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 15:57:06 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 9CDD 94 KB
12 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 103945
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osLMw%2FCNPDj%2FTYtkmJVRx%2BzgsvsQJq8NZDqUmtE05PJdgUdDPNuIMYTk5VCDR5TtN32OqfZlr8JRXJCCnrfrccCNEqodNw6BQmGBrllZvmm8ZoVQe%2Fg3K3cn%2B28QQ%2Bd5AwC%2B03K9nJ4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b6ca9c1c90a30d2-FRA
expires: Wed, 12 Apr 2023 16:57:06 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9CDD 53 KB
54 KB 48ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 736308
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJUcQCozlTEZaBaJMiE%2Fb239N9TTwt5fDp8aZbjDASnIbg56L694DurbvwWFLLxKe4Vqot8JYVey3RW2%2Bb%2B%2F390R3O4V18hE9IQwYa9iAdOrnmXa42ezS1LB1JxyMFvWI%2FFeqmpUJicxS%2Foa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecbc3a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9CDD 31 KB
31 KB 44ms
26ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517130
cf-polished: degrade=85, origSize=132437, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31747
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaeIAROAb%2FQowgufWem3bHYazdrM5YNDbkc8CRH2DAxyVMS3XMHsr1s5AHZX%2FJEDVtDn47SUIIUfFR7iNZnYSDpTdS5OydjKQ0Mj%2BFHzJbbK2fXDAZJZ6%2FVmuG7I72qZ3v7IFIcGDovjDwmz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecbb3a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9CDD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNzvmsfapP4CFUeS_QcdZlAGhA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

59ms
17ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 15:57:06 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Wed, 12 Apr 2023 15:57:06 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9CDD 13 KB
14 KB 44ms
26ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2670462
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33izRKTNnNtrZEAH0QGiaKrQHiIX58fst9Lnd1oQFVnjVqKTqbrDeHkNwqiloNRbvvQdgyvNVskAmj8cIdwb6i%2FovxYiR7IKgysNYsRR68drtbaLtzWrhYem%2FcI1e4a6P4akxk8MvCMljZWM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecb83a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H2 200 A82D4E4655959EE65957B3D54C38767F8640A6BF49B28578F60A440F3EB1DCA10D535C0D8D7DE5ABFECB7F47C2F92CA23C7E0F97D343D7CCCB0A93B9F181397B
assets.ad4m.at/ Frame 9CDD 13 KB
13 KB 61ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/A82D4E4655959EE65957B3D54C38767F8640A6BF49B28578F60A440F3EB1DCA10D535C0D8D7DE5ABFECB7F47C2F92CA23C7E0F97D343D7CCCB0A93B9F181397B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3fbf7c17c5c355ffc2c599b7040bdaf254129b19dbd66e946f035465d2aa64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517814
cf-polished: qual=85, origFmt=jpeg, origSize=40544
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13188
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 21:35:19 GMT
server: cloudflare
etag: "3d8410e459f8881b4ef917d426938b2f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vq5WhyBTbcQXrYUoKjlzM%2BPsVo%2BVfjEYgHOhwOWbZBvD6gV9yaiAtbqOygMU%2BfzdQav9LpBhNt%2Fip5M6Bhvq8%2B8kI9Oe5lPChH1Qcz7SevQIhbF1BV%2F4qiOahuPbtrAxV9BRAGmFQmDRC6x3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecb93a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 9CDD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COPzmsfapP4CFZDnuwgd9ioBYw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023041217570683810167427X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netm...

49 B
1 KB

60ms
20ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023041217570683810167427X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 15:57:06 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023041217570683810167427X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Wed, 12 Apr 2023 15:57:06 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 9CDD 8 KB
8 KB 45ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 736248
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 14:32:10 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znP4Jzs7ybYZINhjgfVjkQ5AZmXzigsFia7z4CY5joaeKZWQTIeqRNJPRVxj6kdSwJK8FqFFn%2FT1eAHH04aSQo%2B50oYqoAx1KJX88yYqQO919RLkXXI2DLGPJnWThkIpBp85O5xPtsaY1Zof"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecb43a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H2 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 9CDD 422 KB
423 KB 35ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16137866f93d5d309967f967d27a360c79fa570bb280257e5a06ae228a9fbd6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 736248
cf-polished: origFmt=png, origSize=632572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 432518
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Dec 2021 17:30:00 GMT
server: cloudflare
etag: "ee529fd62e145fb264303add5fb5a944"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCNLLfc0PFEV69BlIy86rB3oMZJGh12%2F4U4jzAeVuluta%2F3JJHI19l7%2FNbSlayW27MJGSFQoVDX6tjwQzxhV5bI13ndp2raNBJPqbxHf0KSCj%2BLdaDmiKzylHh%2Fxo023q47rVeCK3lN%2BI0i7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b6ca9c1ecb63a44-FRA
expires: Thu, 13 Apr 2023 15:57:06 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9CDD 2 KB
2 KB 169ms
62ms Script
text/html 35.176.154.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4mvyz2h12vvst32afj7r232cp273zd33ynp9hhq9pwbq3a9bd6yt1168yenrfdmmhy0aqqencg2f9530k5edz4ywwzthe8mqx16fm8xw5p3rfwc7qszmr13s4zxgdbnd9q2dnvt9nhek532v8vjkegpsghwc32nx6s4hkass8zdwbttcextw86216wppjc5mwzqztrxhxwb70ea2qeetdeat1yke1sw5qd2a8pq7gmc5vby0hr6z0bc9scaap68g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%252526client%25253Dca-pub-7996847353855734%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.154.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-154-189.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2db58d6325b06e6012629141e6800cd107714a3f317bdff748a79da4af54af7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
last-modified: Wed, 12 Apr 2023 15:57:06 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 12 Apr 2023 15:58:06 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9CDD 85 KB
31 KB 52ms
7ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4mvyz2h12vvst32afj7r232cp273zd33ynp9hhq9pwbq3a9bd6yt1168yenrfdmmhy0aqqencg2f9530k5edz4ywwzthe8mqx16fm8xw5p3rfwc7qszmr13s4zxgdbnd9q2dnvt9nhek532v8vjkegpsghwc32nx6s4hkass8zdwbttcextw86216wppjc5mwzqztrxhxwb70ea2qeetdeat1yke1sw5qd2a8pq7gmc5vby0hr6z0bc9scaap68g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%252526client%25253Dca-pub-7996847353855734%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 14:54:05 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3782
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 9qWDC2WF-tzXOjQzNhZY-M1XvytqDQBO2nIq0W16mjU6bPLUANquKw==

GET
H2 200 1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 9CDD 2 KB
3 KB 31ms
6ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1681315326&Signature=UXVez8HKJrdXr0Sn8jrSaU~GKlkKiIiV-Gy461dqHIR6kqYBCgZucqD-0sQcmaoyB9pCnfSthlQApE6t2kbE8-Q20yfIcoZ8tMfxK61Xun7MOk9~gvlHZBMbRAu2pOq9IsrQmzUtR2ApMaOgaAcNGPZHzXmO2lIQQpfmyuvUjVe5jRTnJDKlMEe3jSaYu05cup6re17VcjRt~5qk4Z~equx1QQVGfa5EuAOroSskzqFkySE1TDWJj5Nf31Hx-erwiklOdgGG4X5em4u6kfyMjsQAnYsMe89m2xtYrLIJk7a7adZ04BXzEZgjCAZ~5TqNn-5-0-ZWuHUBV6tRJIChRA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C177100&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2CApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9&c=728&d=90&e=&g=034be94a322be5213bfacf6606178d85%2F776919598179718316&i=20774%2C20773%2C65803&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1681315026131&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn7x98hecjd7zvmrhsb4pc667wkqe3wk1dgzxwejfdtmyw6ttyt5c66hfr5wa0dpfjgvh1wemvdr71cj19r6c7v5vwwfsh3y1ct1xw30f4448e75kxzceyq1kxp123b7k6cf7dnq64nw67j6vykh07g1sw5d697qsqm4atnjtz6tf09726m25ghchemgf8gnedyfbxf65cbw4ysvjjgqp1qca1tf9g61y3h4v79rkzwtx8mvtay2rqtwtgrjw35gdqfwqk6wwjy0fpwq77g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqB540dQ2ZNbqFeq71fAPicmkwAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTk2ODQ3MzUzODU1NzM0yAEJqQJ7AHMyalSyPqgDAaoEvQFP0MNI2lbiHNrk58aN8XmFGZxBIvhBSZDMAQYqdruryEyy7rGefhZw9OpYuGeFV3XmkXzcjMq71XxwjbnNawDEXnsvCLlDYmAJclUIffIEMbpXjes8vZrbY4bsusS2mUMY3JtRAqJaWQgPNbn0pjPE9p894ncp2Cqsz2WjeysjvDoOtes82529SEa4_hytvf_yEcAp6mocg6wrBd-Mj64dpYI53CZzt0hsPTYnvdPk0XCkEBUUowEaFSuDMOKABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2mE5tAu2_7fsDqwExAZP1QDoWpYA%2526client%253Dca-pub-7996847353855734%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 12 Apr 2023 01:44:08 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 51178
etag: "90a67412ed0b25c3e4ca2ad17658d5e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: QVI9jHrJf52LLPoAPj6XFdYOB0ENxD_6gdnr29PpOKUHOGDwVHQXaA==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D369 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 14:13:22 GMT
expires: Thu, 11 Apr 2024 14:13:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FA6 783 B
970 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0de6f82034ff7473c2beb559f76fca7fa413a9f9e512827f855a6099ea4cdfcf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-alSKB_Ycv9ROB62To70mww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pryvitayko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-alSKB_Ycv9ROB62To70mww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:57:06 GMT
expires: Wed, 12 Apr 2023 15:57:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame D369 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 06:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 06:29:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FA6 0
0 107ms
106ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230410&jk=534692130086080&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D369 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yznd3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:57:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 998D 42 B
64 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuokSPrZkBtuK90KnsATDtSs0157_YCT44ihm5FWcGFZMC-JEWKLuxRY7BRR_aR3_gPoYDSVquhllyo0o5GuwZ3goMqoM9Pz1G33ZjnOQIipRgWATC7jRsyiE9rR58zjGLx17Cz5A&sai=AMfl-YTom2pLNkGJb2Hb4gb15xMPP7NuaePoAEB4xPEs5Gu0rh2338MTNLApmX36QwqjN_hUKf9PCqIw2zAj&sig=Cg0ArKJSzFccQ9YyRwpaEAE&cid=CAQSGwBygQiDEWl-M-Cw6mqY7jYtOlGinIO3SuTVzRgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1131437977&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681315024610&rpt=980&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
112ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230410&jk=534692130086080&bg=!2Nul24_NAAYIJb0jKCU7ADkAdvg8WlWiSQydA7oWdN_D-f8k2UoAQcrZ39YsRXZvVurK1VsjLf2UWnaWrqOdPnzyhc9ZJyPi64kCAAAAT1IAAAACaAEHCgDNtImLG9AXwTNL8jKtiN-MxpA_VoqatD_UrOWv87d1cOlHHCaNJjeOTvIO1-0IeRM6NLApqwNZS2qkAUafdc_nFBDOyE-ADGOKMOD83Ri8xmehdMwVTN17Y15gvBbSqXsyhC6ce0u3geGa3Alfibrks-Qs0DlHJnMWzUQkf6u0iWSHVbRh3z2UQyeJwBqBOlAed2kQGwiW0hJjvkNxKNl5Tc3pGnDeM6Hjl-51oOHzy0rLlUcNH9RmhCvCmR0dy5xZpM-904SomUTg_lbqZJkCpXXRw7O28fA5g-yuMPTSFvvW70pjkq9W0YlzNZBG-xae5xm2oylDs2ptLO2NXBjN6uqesVmHlfB6F_5iTiAQAlRSqTGvM4VadckA5hjCKLmoNHO0rbJ9qk01L_25yoG8o-NV3u3i3Gd_fYXqIP_cpXFF_YJs86V_SCKKY6V8uOWBFsPs-OqGOLJtpYOlYn16bz5H_fE-7zm2f9DYFO5NrwmeR_NNWp53Nrluo8kJB9q-vPAHFMTmr6mtE3DUffcrypmGqleXMb7nAq6ewPqzRHXPgnbzLRw7802y7dSjQQfyvFplRSUnUQGIGchYj5hAI7buCB6yMqt8ClEOdPguIIAD2MIfkKPuhq94jJ_GefmZ8Ai18i-Aadxvv6B5LnDE3IcEC7KaB9vbx1qlTtjbmzHg2bsPO50bykaJ2_IijvzAe_LRfKYt4Q88xcjvD-UQMlEqF8k7GbtR4_2DWfvIwB56zIJr9dwiS6AJuNOM5XbiCgXe0bkXb_yIEOZzo8mdajRkKBLzBxthuztnNC_PORmJAbaXZxenaJQnPQPzHX2ZTGuDE4sqiqzWCUo3ytgqXVtYnBaetU0SZQ4P-kxCo_9zVABNpFhlZH-lzVVc-4cRZ8DBfdItqb-u2c9SVDQRuiaseTGzyZ-Uq9TjBsj1lkA1Ke4Buo1aeCB9o6YfBfCNXxRVcT0A2o2BKYrfv6TrzTwW-gKyaB-AWl8rBx34b7zJJ_wG0ehkZg7Tj0CBVE7PwJwBamSYgsG_UMP1Y_jYG23X5qlOZwHla9cfBrMn1ce7oxH_D7ELmm7tTXsm3vWCO9SBOgfziu6acDw1ZifYpShYPsZPwoNC9aDQrusmdjRuWaDvLmHn9oj6rGGTJOI4B3TzOsO-i365hI-3aDb_Yl6o_3WM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9CDD 16 B
232 B 63ms
63ms Fetch
application/json 3.9.228.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.228.212 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-228-212.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 15:57:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 81ms
20ms Preflight 3.9.228.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.228.212 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-228-212.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 12 Apr 2023 15:57:07 GMT
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EPM2KYW08D&gtm=45je34a0&_p=2113743593&cid=29839699.1681315024&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681315024&sct=1&seg=0&dl=https%3A%2F%2Fpryvitayko.com%2F&dt=%D0%9F%D1%80%D0%B8%D0%B2%D1%96%D1%82%D0%B0%D0%BD%D0%BD%D1%8F%20%D0%BD%D0%B0%20%D0%B2%D1%81%D1%96%20%D1%81%D0%B2%D1%8F%D1%82%D0%B0&en=scroll&epn.percent_scrolled=90&_et=17
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPM2KYW08D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pryvitayko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 15:57:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pryvitayko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pryvitayko.com/	1970-01-20 11:02:02	Name: XSRF-TOKEN Value: eyJpdiI6IkEzLzNmeTNTMWVDVVRHaHJZUDlnT1E9PSIsInZhbHVlIjoiMlBGTllaS2FJZ0M0YkZZK0NLL1hZb2UrVmwvOHZuZWVINHdqMDBvNHR5QmdnS1J5cmxUazNDZm5Wbzg5T3NaNjd4MUdtR1lrclJuSjdIY2VNZDVobTVxbW0rV3hkUmxyMG9LRHUzbUJxQlY3RFpvSUFuOWVyRlEyVjMrbHlhWDQiLCJtYWMiOiI0N2VlYjljNGNlNTQ4YjEyNGRhM2U1YWZiOGUwOTk2MzVmZTRkOGY4NDRhYzdjNjk4YzUwYjMzYTQzYWQ3YWE0IiwidGFnIjoiIn0%3D
.pryvitayko.com/	1970-01-20 11:02:02	Name: v24_session Value: eyJpdiI6IncvUlY4T0NXTjN4WFJac0tMRnJURkE9PSIsInZhbHVlIjoiSEJ3SkVydTNEMGMwazZLdTlYSXBNci9nVU14cXdmZVFxSm5qVm1UTmdlTDExSm85R0VlUDcrUDN6REtNWmY3VmV4SEpvT3hLVXJWS1RtQmxranVXN2ExSlJwUFJYUDdFOHRFbFg0dWQzdlBlbUc1R1RlQm5hMG1sQWZ0aFIyMjgiLCJtYWMiOiI3OGY0MzA2NGJhOTQ5MGE2NGU5MWY5ZDI2NjYwODgxMTE5NTQ4YmQ5YTdmYzc1MTY3NzU4MDEwYzM1OGNjMmUwIiwidGFnIjoiIn0%3D
.pryvitayko.com/	1970-01-20 20:37:55	Name: _ga Value: GA1.1.29839699.1681315024
.pryvitayko.com/	1970-01-20 20:37:55	Name: _ga_EPM2KYW08D Value: GS1.1.1681315024.1.0.1681315024.0.0.0
.pryvitayko.com/	1970-01-20 20:23:31	Name: __gads Value: ID=8dc2e2e06dce1df7-22f5ac908edd002b:T=1681315024:RT=1681315024:S=ALNI_Mbs2bJiKstZkbs118PZ0O_IHn-8LA
.pryvitayko.com/	1970-01-20 20:23:31	Name: __gpi Value: UID=00000be0e554822e:T=1681315024:RT=1681315024:S=ALNI_MYq6ntDuEiL5d2CknVQfEEZOfaGNg
.doubleclick.net/	1970-01-20 20:23:31	Name: IDE Value: AHWqTUnIe_h2nicibONew9A--WkJwDJD98s_iWdjOhifOR2NabqCfo2dOSPx2pT0LcQ
.doubleclick.net/	1970-01-20 11:01:58	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 19:47:35	Name: b Value: 6436D4D16C66ADD5FEC0F0F1BLIS
.w55c.net/	1970-01-20 20:32:09	Name: wfivefivec Value: wEgBVxbO1PMCQh5
.w55c.net/	1970-01-20 11:45:07	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 11:03:21	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 19:47:52	Name: A3 Value: d=AQABBNLUNmQCECiDNOGmlNxGMNVe19YIEj8FEgEBAQEmOGRAZAAAAAAA_eMAAA&S=AQAAArOa3o93BRKv6_m1k-DfUiI
.bidswitch.net/	1970-01-20 19:47:31	Name: tuuid Value: 295fa401-69bb-488b-9c16-babdb23a24f5
.bidswitch.net/	1970-01-20 19:47:31	Name: c Value: 1681315026
.bidswitch.net/	1970-01-20 19:47:31	Name: tuuid_lu Value: 1681315026
.pubmatic.com/	1970-01-20 19:47:31	Name: KADUSERCOOKIE Value: 1753F870-E5F4-4A87-B3CD-6DE78DA8F59D
.casalemedia.com/	1970-01-20 19:47:31	Name: CMID Value: ZDbU0iEVUB7FYPYIhGCKYAAA
.casalemedia.com/	1970-01-20 13:11:31	Name: CMPS Value: 1151
.casalemedia.com/	1970-01-20 13:11:31	Name: CMPRO Value: 1151
.mathtag.com/	1970-01-20 20:27:50	Name: uuid Value: 7a376436-d4d2-4800-804d-bdbec6eb8776
.mathtag.com/	1970-01-20 11:45:07	Name: mt_mop Value: 4:1681315026
.scoota.co/	1970-01-20 20:37:55	Name: tuuid Value: 53266fd4-b742-47c4-bdf1-a7dd0ad0c30a
.scoota.co/	1970-01-20 20:37:55	Name: c Value: 1681315026
.scoota.co/	1970-01-20 20:37:55	Name: tuuid_lu Value: 1681315026
.blau.de/	1970-01-20 11:11:59	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4MTMxNTAyNnZsZWExZGUyMDIzMDQxMjE3NTcwNjgzODEwMTY3NDI3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWQ5TTFTTWZLTXR4RXBTS0hCSDJ0N3RycnFzd1RtVHhWY2RvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTEzNzUy
.blau.de/	1970-01-20 11:11:59	Name: nscQ486 Value: V
.blau.de/	1970-01-20 11:11:59	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023041217570683810167427X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4MTMxNTAyNnZsZWExZGUyMDIzMDQxMjE3NTcwNjgzODEwMTY3NDI3WDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 11:11:59	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4MTMxNTAyNnZsZWExZGUyMDIzMDQxMjE3NTcwNjgzODEwMTY3NDMzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 11:11:59	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 11:11:59	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023041217570683810167433X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4MTMxNTAyNnZsZWExZGUyMDIzMDQxMjE3NTcwNjgzODEwMTY3NDMzWDEyMDIxMVYxMjI2MTMyNzAyT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.pryvitayko.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pryvitayko.com
r.scoota.co
region1.google-analytics.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
use.fontawesome.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
142.250.185.102
142.250.186.66
167.233.13.224
18.66.147.98
185.29.132.241
185.64.190.78
185.80.39.216
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700::6811:180e
2606:4700:e2::ac40:840f
2a00:1450:4001:802::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a04:4e42:200::485
2a05:d018:d29:3601:dc73:e56b:3a29:5c67
3.122.65.10
3.123.183.188
3.9.228.212
34.96.105.8
35.176.154.189
52.209.220.218
84.200.5.215
91.200.40.115
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de6f82034ff7473c2beb559f76fca7fa413a9f9e512827f855a6099ea4cdfcf
0fc3b38da1de1a63901a3683e58e4bc35adf33ca3db0c7bc1825546cbea8d546
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
141797e960cfbf8eb93b8f1c528f2d20a9f1b58771462850f6780ec08d22f70b
15279c08a6684677812b42c1210dbaaafd75143341a070c800c6de198e72ed2c
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
16137866f93d5d309967f967d27a360c79fa570bb280257e5a06ae228a9fbd6e
164e70e105282eed63b5034150ada84267ea9376deea6d6cd4cba1bddf12f035
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a3dba474323d14459407d21ca8db45699837e0ad7edaf2bc851bcc62bc91ed
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
2635f737acedcacb7f377738361c61559e7159cf4278599ed588ef7b2cc399f3
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
28dff197b89795f8e20ac313168d96a7f588582036ba924bf7fb93b32795271e
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2db58d6325b06e6012629141e6800cd107714a3f317bdff748a79da4af54af7d
2df784524a7edbe7c7a2f6eebedc71d491910c5180ebdc3934b64519c304ff67
2e8155e65a0d405e2a3b11f8c41bd4a95ea688cc4465a8c07a1ee7ce5a6a9ece
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
306b4804c2bd869dea07758f94931a0046d41da859bb301f94b084dbf0723abe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35d5dfcbcddd36c28416368d0943940cc3fa4da1f364fcf8af8f3d58ba97dfdb
3ca809c3cb920e9f101e6c0a55e490b34896224afcada70366f60533feded3ad
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
3eb4d8805290a4f33de76173ebbd02e426310efd8c28a87c4f671c2c6f13bed3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e07e9a19229a5a2c601d5ec2f86d3fac24aa1a782b0dd01daa76edd8cdadf2b
4f1a9424926628ea30753d21b92d31cd7a56e8e353351400e2a825b348dd0cb2
50a80a18edc942f6050bca6898ccd74465614dd7f3c398b7abf7875629c40e15
5201be36ed69b04a5f531dfc143cb63b54ae00c6518822bbf683e2107f394e4c
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
5507ccc19e167b5e92c512c7e6f573c2694ef9b6dfdaf000dc5536eedd65e42e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60039b371aaa00075ab50d333fac2bbc0e1c1b255bd2c5a011c9b6facf13bebb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
71ef4b8b063a1e0c75fbf4b95879be0083cd92e1480cd654bd2039f38dcbdf63
74347e4bdefa2beda7b2869c6c104a6b99d02069bc217a0cd691cf8e481960db
76bde7cf448741f4b12d0a5f1b50e6ad7e35f96bb0c87afff23b9128fbb9c185
77d106ffc78a74e9513f1fdc816e2640b30b60a94a0a79fc742d9fbbaabbb030
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7bbc89edcaa72b4ae7805744ed2ceb4164a909aa90ff3f79dc37af0b4d185f00
805baedb75a704500e528eeed79dab1a0c754bf2381c5cdadf51adde43c90797
82a55e91e73a7fc692cc3fe7f937eec8bff511bc6e203978680e963062605b54
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
86faf6a6690d3facf6040807d90855a40d08bc1ec22e3afe9fc6ffd35fe3d462
88fae5bcae1dfef54892da00bf8fd02cacfbdc4b455ddac5aba552eb73e3ccf4
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
97d4ef5845ee810273dbec3d56b9630e46de19b8b177817b6166239ee07e5bf5
9836fdcbfb17541cf8fb1793cf45c07b84a9cd3a0633d513ef049e113cc423bf
9a6f21060a952a6f533f2ba8dd7178c3d8905eef4e307fb31e8ad7a4adb69707
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0e7941ca04c61b40f2fcf59818dcd45ae0c46cf242f390b59d33bb266f8596
9d3fbf7c17c5c355ffc2c599b7040bdaf254129b19dbd66e946f035465d2aa64
a025f0c647e2f84ab831fe6d79a93fb2b5592e0ad432f79925b3d71fbc28c6ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c3ac8f8e7ca28c015328c1c7107d63abde799529cde0cd99e026410b2c0fbc95
c86f1bd4f7f916d033affeceb6b7cb281b0999512ff94b6f46598d7e0c7d0ba0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cdabf395629e1fcaca5d5e76c4e42753139853557f459aaf51dfda5487f5e201
d0451eee73a1d5fbb3b898c317ca1dcce13880350d8c0439a35a1ffa52814646
d1d5253d992f982d82d63502ef46701104ada8f7e9f1e4708d0df869d24265f5
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d97014e8fc65a68f94014321701b3ff04e3728aa88baf950510e6ee69b4c3ebc
dc58d8a2f30223f886b1aa2a4d76e145f4fe661651bf069bbd700b51479f3b19
e19684452393b22a075091c85cd37a6db5348e8305e7b743ade3c1925507dd43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96357668bafef780d7f0e427b089bc3173a2450b2749fee0b65f53f02d3690e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f222499388e3a2544945190f3dfb0980cf6803b5ad698ce31ef9ab04d7cf97b7
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f144c277ca062d3384c36cc9a32aacbb15fe5b3f2b877ed4ed2ba6e33e7502
fdb58bf0ff3d323fe5b849bf0ffa07e094c9f27497e069fe03d8ef1cfb1ce475

pryvitayko.com Open in urlscan Pro 91.200.40.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

94 %HTTPS

56 %IPv6

32 Domains

41 Subdomains

28 IPs

7 Countries

2291 kBTransfer

4749 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pryvitayko.com Open in urlscan Pro
91.200.40.115 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

94 %
HTTPS

56 %
IPv6

32
Domains

41
Subdomains

28
IPs

7
Countries

2291 kB
Transfer

4749 kB
Size

31
Cookies

126 HTTP transactions
2 data transactions