www.unian.ua Open in urlscan Pro
172.67.70.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etn...
Submission: On November 06 via api (November 6th 2021, 5:55:28 pm UTC) from US — Scanned from DE

Summary HTTP 278 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 65 IPs in 12 countries across 44 domains to perform 278 HTTP transactions. The main IP is 172.67.70.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.unian.ua.
TLS certificate: Issued by R3 on October 29th 2021. Valid for: 3 months.

This is the only time www.unian.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	172.67.70.159 172.67.70.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	104.26.11.30 104.26.11.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.137.240.80 195.137.240.80	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	185.46.149.20 185.46.149.20	44600 (GT-AS) (GT-AS)
9	77.120.110.196 77.120.110.196	25229 (VOLIA-AS) (VOLIA-AS)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
2	2606:4700:303... 2606:4700:3037::6815:3471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 3	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
3	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	209.58.175.20 209.58.175.20	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
1	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
8	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
2 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	143.204.98.61 143.204.98.61	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.215.101.139 52.215.101.139	() ()
1	51.75.146.199 51.75.146.199	() ()
278	65

26 172.67.70.159 (United States)

ASN13335 (CLOUDFLARENET, US)

www.unian.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.26.11.30 (United States)

ASN13335 (CLOUDFLARENET, US)

images.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
photo.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.137.240.80 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

push.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.46.149.20 (Ukraine)

ASN44600 (GT-AS, UA)
PTR: 185-46-149-20.net.gigatrans.ua

ua2cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.120.110.196 (Ukraine)

ASN25229 (VOLIA-AS, UA)
PTR: 196.110.120.77.colo.static.dcvolia.com

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.110 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.medidexs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.58.175.20 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.248 (Aalsmeer, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

vid4.tsn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.145 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 4 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.101.139 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.199 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com tpc.googlesyndication.com	387 KB
26	unian.ua www.unian.ua	918 KB
24	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net 8019191.fls.doubleclick.net	435 KB
17	unian.net images.unian.net www.unian.net photo.unian.net	252 KB
15	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	302 KB
14	redintelligence.net hal9000.redintelligence.net hal900024.redintelligence.net hal900014.redintelligence.net	113 KB
14	google.com analytics.google.com www.google.com adservice.google.com	5 KB
11	mathtag.com tags.mathtag.com pixel.mathtag.com sync.mathtag.com	9 KB
9	adtelligent.com player.adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com ghb2.adtelligent.com sync.adtelligent.com Failed	41 KB
9	google.de www.google.de adservice.google.de	2 KB
9	adpartner.pro a4p.adpartner.pro	25 KB
8	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	8 KB
7	google-analytics.com www.google-analytics.com	59 KB
6	webgains.io analytics.webgains.io api.webgains.io	102 KB
6	ampproject.org cdn.ampproject.org	110 KB
6	googletagservices.com www.googletagservices.com	201 KB
5	medialead.de 5 redirects pv.medialead.de medialead.de	4 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl ls.hit.gemius.pl	15 KB
5	admixer.net 1 redirects ua2cdn.admixer.net inv-nets.admixer.net	71 KB
4	webgains.com track.webgains.com	5 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	googletagmanager.com www.googletagmanager.com	227 KB
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	1plus1.ua push.1plus1.ua assay.1plus1.ua	57 KB
2	criteo.net static.criteo.net	54 KB
2	awin1.com www.awin1.com	1 KB
2	ad-server.eu ad-server.eu	624 B
2	media01.eu pb.media01.eu	829 B
2	tsn.ua vid4.tsn.ua	1 KB
2	rubiconproject.com fastlane.rubiconproject.com	3 KB
2	adnxs.com ib.adnxs.com	12 KB
2	adform.net adx.adform.net	406 B
2	adtcdn.com player.adtcdn.com	124 KB
1	id5-sync.com id5-sync.com	530 B
1	hybrid.ai dm.hybrid.ai	238 B
1	a-mo.net prebid.a-mo.net	168 B
1	e-planning.net pbjs.e-planning.net	420 B
1	adxpremium.services rtb.adxpremium.services	3 KB
1	pubmatic.com hbopenbid.pubmatic.com	114 B
1	creativecdn.com prebid-eu.creativecdn.com	174 B
1	openx.net adtelligent-d.openx.net	556 B
1	betweendigital.com ads.betweendigital.com	908 B
1	medidexs.com sync.medidexs.com	21 KB
1	unpkg.com unpkg.com	2 KB
278	44

	Domain	Requested by
26	www.unian.ua	www.unian.ua
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com vid4.tsn.ua 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com cdn.ampproject.org 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
14	securepubads.g.doubleclick.net	www.unian.ua securepubads.g.doubleclick.net www.googletagservices.com vid4.tsn.ua
14	pagead2.googlesyndication.com	www.unian.ua securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	images.unian.net	www.unian.ua
9	a4p.adpartner.pro	www.unian.ua a4p.adpartner.pro
8	hal9000.redintelligence.net	www.unian.ua hal900024.redintelligence.net hal900014.redintelligence.net
7	fonts.gstatic.com	fonts.googleapis.com
7	www.google-analytics.com	www.unian.ua www.google-analytics.com www.googletagmanager.com a4p.adpartner.pro
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	www.googletagservices.com	vid4.tsn.ua securepubads.g.doubleclick.net 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
6	www.google.com	www.unian.ua tpc.googlesyndication.com
6	www.google.de	www.unian.ua
6	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
5	tags.mathtag.com	7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com tags.mathtag.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
5	encrypted-tbn3.gstatic.com	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
4	api.webgains.io	analytics.webgains.io
4	gum.criteo.com	2 redirects static.criteo.net
4	8019191.fls.doubleclick.net	2 redirects www.unian.ua
4	track.webgains.com	www.unian.ua 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
4	pv.medialead.de	4 redirects
4	sync.mathtag.com	tags.mathtag.com sync.mathtag.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
4	fonts.googleapis.com	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com securepubads.g.doubleclick.net hal900024.redintelligence.net hal900014.redintelligence.net
4	gaua.hit.gemius.pl	1 redirects www.unian.ua gaua.hit.gemius.pl
4	www.googletagmanager.com	www.unian.ua www.googletagmanager.com
3	mug.criteo.com
3	hal900014.redintelligence.net	hal9000.redintelligence.net hal900014.redintelligence.net
3	hal900024.redintelligence.net	hal9000.redintelligence.net hal900024.redintelligence.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	inv-nets.admixer.net	1 redirects www.unian.ua player.adtcdn.com
3	analytics.google.com	www.googletagmanager.com
3	www.unian.net	www.unian.ua
2	analytics.webgains.io	track.webgains.com
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	www.awin1.com	7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
2	ad-server.eu	7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
2	pb.media01.eu	hal900024.redintelligence.net hal900014.redintelligence.net
2	pixel.mathtag.com	tags.mathtag.com
2	7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	vid4.tsn.ua	a4p.adpartner.pro
2	fastlane.rubiconproject.com	player.adtcdn.com
2	ib.adnxs.com	player.adtcdn.com
2	script.4dex.io	player.adtcdn.com script.4dex.io
2	adx.adform.net	player.adtcdn.com
2	player.adtelligent.com	player.adtcdn.com
2	photo.unian.net	www.unian.ua
2	player.adtcdn.com	www.unian.ua
2	assay.1plus1.ua	www.unian.ua
2	ua2cdn.admixer.net	www.unian.ua ua2cdn.admixer.net
1	id5-sync.com	player.adtcdn.com
1	medialead.de	1 redirects
1	encrypted-tbn1.gstatic.com	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
1	www.gstatic.com	287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
1	dm.hybrid.ai
1	ghb2.adtelligent.com	player.adtcdn.com
1	mp.4dex.io	player.adtcdn.com
1	prebid.a-mo.net	player.adtcdn.com
1	pbjs.e-planning.net	player.adtcdn.com
1	rtb.adxpremium.services	player.adtcdn.com
1	hbopenbid.pubmatic.com	player.adtcdn.com
1	ghb1.adtelligent.com	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	ads.betweendigital.com	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	sync.medidexs.com	player.adtelligent.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	unpkg.com	www.googletagmanager.com
1	push.1plus1.ua	www.unian.ua
0	sync.adtelligent.com Failed	player.adtelligent.com
278	75

This site contains links to these domains. Also see Links.

Domain
photo.unian.ua
www.unian.net
covid.unian.ua
sport.unian.ua
rss.unian.net
telegram.me
www.facebook.com
twitter.com
www.odnoklassniki.ru
vkontakte.ru
vb.me
news.google.com

Subject Issuer	Validity	Valid
*.unian.ua R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-05` - `2022-05-04`	a year	crt.sh
1plus1.ua R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
adpartner.pro R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
assay.1plus1.ua R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	a year	crt.sh
sync.medidexs.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.e-planning.net R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.tsn.ua Go Daddy Secure Certificate Authority - G2	`2021-10-11` - `2022-11-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Frame ID: 353F891C179FF7B5830B430B71FD0412
Requests: 129 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=64151164413134060&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Frame ID: FC9CB487009CD29BB9B42CEFC276825D
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 22E5C681DE414ACA214948E1E4327C52
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=47020781562100056&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Frame ID: 3B49F82C4E1708724A1D845EE1D9C0DD
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c7f86846-a4c7-4f62-952f-1995e0f837cc
Frame ID: 50D5D7C7BD07ADAF8300A20224A2BE4B
Requests: 1 HTTP requests in this frame

Frame: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=d480ed83-98fa-4ce9-9a47-edaeff730fe4&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fd480ed83-98fa-4ce9-9a47-edaeff730fe4%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIyLCJzaG93X2lkIjoiZDQ4MGVkODMtOThmYS00Y2U5LTlhNDctZWRhZWZmNzMwZmU0IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D739d88a141617e97ae5b5b53b8c7a886&bannerNum=64151164413134060
Frame ID: BB2FA29B9647945D88B429AA9572E86A
Requests: 10 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25229546a155-84ea-474a-8de9-49e781fd2c56%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A475542%252C%2522rule_id%2522%253A38590%252C%2522show_id%2522%253A%2522d480ed83-98fa-4ce9-9a47-edaeff730fe4%2522%257D%255D%252C%2522unit_id%2522%253A2563%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d480ed83-98fa-4ce9-9a47-edaeff730fe4%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwww.unian.ua%25252Fincidents%25252F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html%2522%257D
Frame ID: C79C6E2BFED27B9702C3055CD8F9FF35
Requests: 1 HTTP requests in this frame

Frame: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8286F472939B73E57B84EFA006D2255E
Requests: 1 HTTP requests in this frame

Frame: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=c002590c-f24d-4a89-af9e-de1f158e3e17&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fc002590c-f24d-4a89-af9e-de1f158e3e17%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIzLCJzaG93X2lkIjoiYzAwMjU5MGMtZjI0ZC00YTg5LWFmOWUtZGUxZjE1OGUzZTE3IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D73150f527bd8f101488bf031829de61a&bannerNum=47020781562100056
Frame ID: ECA42C674597368A4705A660147C29A4
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25229546a155-84ea-474a-8de9-49e781fd2c56%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A475542%252C%2522rule_id%2522%253A38590%252C%2522show_id%2522%253A%2522c002590c-f24d-4a89-af9e-de1f158e3e17%2522%257D%255D%252C%2522unit_id%2522%253A2563%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522c002590c-f24d-4a89-af9e-de1f158e3e17%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwww.unian.ua%25252Fincidents%25252F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html%2522%257D
Frame ID: 027681F9ED8D0431045D44FD430064EE
Requests: 1 HTTP requests in this frame

Frame: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 649D689BFD51B8C5FD7DF2F2F22E8C02
Requests: 1 HTTP requests in this frame

Frame: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 94F96206D38A55ACE4FF977C2ED57437
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2A8D417447C6FF47315A1BEDFD46872C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1765E6C199DC5B35ACC5268CD4EA70A2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssqQWiI37-5q7YIOxXZ59gyza1MRjNtQAVsksaVs63wCIIjhqcMBLNhg6M921MOn9W5s2HtYSkJS6SnUwGg65qbftMi3xOSM4KOz3Po189ZLD1bJ_446QY_CxX_jjOaOUEMYkaim9qjw3wJEIPUbwQz3XF827G60F7WHeSXEipxYwJ446VE1OB3lWqHcUOLVmNzF4xao1QGUT0_tGJ9Y8mUdQGvLg-OESqTQHJK1lXPtl9uDf8g_CIT1dNC1qSS4CDt5T-LV0RNygxPWxIq_PKOJGVeI8JEP9O5zmnbAV13ODnrhLOmz2QHK32M9biiDa-ldcGQC4&sig=Cg0ArKJSzCRdWa8pszWrEAE&uach_m=[UACH]&adurl=
Frame ID: D4FE230352C12A70D7F20CAC37E63EA6
Requests: 6 HTTP requests in this frame

Frame: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EB67CB85F8B47238F1925D0A61428074
Requests: 20 HTTP requests in this frame

Frame: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2183D15C96524C012194CEAD01901BF0
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: D6B13CAB16A1288345B0045DE5C40187
Requests: 17 HTTP requests in this frame

Frame: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B2AE44EAF7BD3BFD557F13EF9D93B009
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3599E2586F320DDDDBEF220ACCF2FF51
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E23838DCB942089BEB9F22D0E722098
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 39A0AA2A40C593B321C96C6FC560C5F4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A45F71EECC985CBF6B4438333DFD941C
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49357200126512300951393011770024&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 48481C507C99B373E3C27F647ABF6F86
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432
Frame ID: 659A3FF9486243F7756329D154F8A78B
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Frame ID: C4560CAC1024B5E9EC5D5C71DF150893
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95347300106830800951393011770014&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 609AE098EDAA1B771724F9B097AE8852
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836
Frame ID: BC8EB17E2108EA8902157E7C9D9BDC03
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Frame ID: CFC2D754F1432AADAE54A4C27D39657B
Requests: 8 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=3dc16186-c18d-4401-96b0-3a52d042c0a8&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Frame ID: B1A7CF03C752FBDCCB02D178B396B87C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.unian.ua
Frame ID: 0F4749323CEB5A949AC29DA86A8AB335
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

На Луганщині п'яний окупант-осетин порізав "підлеглого" через конфлікт на етнічному підґрунті - розвідка | УНІАНPlay

Page Statistics

278
Requests

97 %
HTTPS

38 %
IPv6

44
Domains

75
Subdomains

65
IPs

12
Countries

3595 kB
Transfer

7633 kB
Size

46
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://photo.unian.ua/
Title: Фотобанк

Search URL Search Domain Scan URL

URL: https://www.unian.net/
Title: Рус

Search URL Search Domain Scan URL

URL: https://covid.unian.ua/
Title: Коронавірус

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://rss.unian.net/site/news_ukr.rss

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/dk?st.cmd=addShare&st.s=1https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Search URL Search Domain Scan URL

URL: http://vkontakte.ru/share.php?https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Search URL Search Domain Scan URL

URL: https://vb.me/unian_web

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAiEKeda9dzr-QeWbkX0M5u7QoqFAgKIhCnnWvXc6_kHlm5F9DObu0K
Title: УНІАН в Google News

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.unian.ua/incidents/1473729-na-ternopilschini-cholovik-do-smerti-zabiv-spyanilu-spivmeshkanku-namagayuchis-privesti-do-tyami.html

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.unian.ua/incidents/1473729-na-ternopilschini-cholovik-do-smerti-zabiv-spyanilu-spivmeshkanku-namagayuchis-privesti-do-tyami.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?https://www.unian.ua/incidents/1473729-na-ternopilschini-cholovik-do-smerti-zabiv-spyanilu-spivmeshkanku-namagayuchis-privesti-do-tyami.html

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/dk?st.cmd=addShare&st.s=1https://www.unian.ua/incidents/1473729-na-ternopilschini-cholovik-do-smerti-zabiv-spyanilu-spivmeshkanku-namagayuchis-privesti-do-tyami.html

Search URL Search Domain Scan URL

URL: http://vkontakte.ru/share.php?https://www.unian.ua/incidents/1473729-na-ternopilschini-cholovik-do-smerti-zabiv-spyanilu-spivmeshkanku-namagayuchis-privesti-do-tyami.html

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/ne-vporalisya-z-vorskloyu-dinamo-vpershe-v-sezoni-progralo-v-upl-video-novini-futbolu-11601382.html
Title: Не впоралися з Ворсклою: Динамо вперше в сезоні програло в УПЛ (відео)

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/dinamo-vorskla-video-translyaciya-matchu-upl-novini-futbolu-11601124.html
Title: Динамо - Ворскла: огляд та повне відео матчу УПЛ

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/ukrajinskiy-futbolist-kovalenko-viddav-peremozhniy-goloviy-pas-u-matchi-seriji-a-video-novini-futbolu-11601352.html
Title: Український футболіст Коваленко віддав переможний гольовий пас у матчі Серії А (відео)

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/dorogu-vidkrito-italiyskiy-klub-yakiy-vede-peregovori-z-shevchenkom-zvilniv-trenera-novini-futbolu-11601310.html
Title: Дорогу відкрито: італійський клуб, який веде переговори з Шевченком, звільнив тренера

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/apl-manchester-siti-bez-problem-rozibravsya-z-myu-video-novini-futbolu-11601280.html
Title: АПЛ: Манчестер Сіті без проблем розібрався з МЮ (відео)

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/upl-mariupol-zdobuv-drugu-peremogu-v-sezoni-video-novini-futbolu-11601268.html
Title: УПЛ: Маріуполь здобув другу перемогу в сезоні (відео)

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/postrazhdav-futbolist-v-irlandiji-fanati-zapustili-feyerverk-na-pole-video-novini-futbolu-11601190.html
Title: Постраждав футболіст: в Ірландії фанати запустили феєрверк на поле (відео)

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/boxing/odnogo-ukrajincya-vklyuchili-do-top-10-naykrashchih-bokseriv-xxi-stolittya-novini-boksu-11601172.html
Title: Одного українця включили до топ-10 найкращих боксерів XXI століття

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/zolotiy-m-yach-2021-france-football-vidreaguvav-na-informaciyu-pro-te-shcho-nagorodu-otrimaye-messi-novini-futbolu-11601136.html
Title: "Золотий м'яч-2021": France Football відреагував на інформацію про те, що нагороду отримає Мессі

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/peregovori-na-finalniy-stadiji-shevchenko-ocholit-italiyskiy-klub-zmi-novini-futbolu-11601106.html
Title: Переговори на фінальній стадії: Шевченко очолить італійський клуб - ЗМІ

Search URL Search Domain Scan URL

URL: https://sport.unian.ua/football/laskavo-prosimo-dodomu-barselona-ogolosila-pro-priznachennya-novogo-trenera-novini-futbolu-11601094.html
Title: "Ласкаво просимо додому": Барселона оголосила про призначення нового тренера

Search URL Search Domain Scan URL

URL: https://www.unian.net/games/kak-fifa-tolko-dlya-fanatov-ekstremalnogo-sporta-obzor-riders-republic-igry-11600803.html
Title: Як FIFA, тільки для фанатів екстремального спорту. Огляд Riders Republic

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/balans-nedeli-rada-odobrila-v-pervom-chtenii-gosbyudzhet-i-naznachila-novyh-ministrov-a-regiony-uzhestochayut-karantin-novosti-ukraina-11600752.html
Title: Аналітика Баланс тижня: Рада схвалила у першому читанні держбюджет і призначила нових міністрів, а регіони посилюють карантин

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://inv-nets.admixer.net/vast.aspx?rct=3&zone=22fa44a1-c6f5-4c5a-9501-e7be6044d8eb HTTP 302
https://inv-nets.admixer.net/c.html

Request Chain 91

https://gaua.hit.gemius.pl/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=lf17vVdbjC3rlfbvvc8KmQ8_fFqbyD64ijULwsTScDf.F7D8o7QzOIqs42r31z3oFhJ0S2NM44v0NKDl3yhLwkpI0zwa/1iZkiRFTNx32q/&fpdata=ZrWAbqH_VRmwP9jqdxxI.ISdhaK0w2haMP7osaX.Z1P.h7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=lf17vVdbjC3rlfbvvc8KmQ8_fFqbyD64ijULwsTScDf.F7D8o7QzOIqs42r31z3oFhJ0S2NM44v0NKDl3yhLwkpI0zwa/1iZkiRFTNx32q/&fpdata=ZrWAbqH_VRmwP9jqdxxI.ISdhaK0w2haMP7osaX.Z1P.h7&vis=1&fpcap=

Request Chain 122

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c7f86846-a4c7-4f62-952f-1995e0f837cc

Request Chain 229

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49357200126512300951393011770024&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 231

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432

Request Chain 233

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 241

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=95347300106830800951393011770014&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95347300106830800951393011770014&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 243

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836

Request Chain 245

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=95347300106830800951393011770014 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 273

https://gum.criteo.com/sid/json?origin=publishertag&domain=unian.ua&sn=ChromeSyncframe&so=0&topUrl=www.unian.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Wt302XxrYWdTN0x3TmVmcVREU3o0VTM2TkpaOW9FQUpTSnY4aFNoVEtqMkxON05PeVlPMTgrYk5NTE45UFR0RHgzbjg1QlliWEF6RFlYWWZuNVk1clM5a1lnbUxJTGkraVNkZ3VvS2FBdncxNzhTaU1ZRnhFYmxvTDQ4QkJ3N2w0K2FTdlRHU2pobUdPdXRzcXFVYzF0d2NueUkwUDlSNXlGUzl6a1M5ZnZ4MmNPRjhkNkYycnR6ZUdJck5VMWxxakZ1WkxYeTN2YjdvbzA2dFdGTkFSai9qUTk4U2ZGcVNYOFpSdnZOcEg0V28rMnNLSEVJS3BwdUllWFlNcGxxOE9DcThqYll4S1Q5NHVKTGh3R2NOUFRlWkFWdz09fA&cppv=2

Request Chain 280

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unian.ua%2F&domain=www.unian.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Ii79AnxpaDMvUk9mQ2NxcjJqNzJJem81cjB2Zk1NSDBMUmxvL3pLUDM1S2JWMG9LYVR4YUl1TjdZdlNOR0I5a2l0ZFNzTndXWjZaam5FN29lWmRiSEorT2pQcjU5ckF1aFltR1ZEM1BjbDJRNHhzR0ZHZmQ0M2M1SHU3dklWWVR2YlBhZ2plR09WME4xT3B3VnludEVheGttZzFFUmlDQ3dKWEdRZ1YweHZ6N04rSFp0QXVkVW1WZDYzY2p5VkJEbUl5cFBhOHA4OUFBbDNTTWp3UHRaNVQ0THVxeEE0YzFONkVUR0hqczlPdWNWMUVGMENnS2RMMTgzdTJMamlKOFhRWnBBN1ZJakJsR2xzM0JpeUE0dXBXTzJHdz09fA&cppv=2

278 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html Show response
www.unian.ua/incidents/ 93 KB
24 KB 356ms
324ms Document
text/html 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f4202605d56b7d690fe896cadcdf35108b261fb0562343b538dcd7beda750c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding User-Agent
cache-control: public, s-maxage=60
link
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache: BYPASS; Sat, 06 Nov 2021 17:54:48 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhZ67r5EZvrNh7X7x44wKaLLTxgAJQofdyaGg8TcKdRKr0ce6Oza5EyA6d7PdN7VvlToN89fdgM3MI2uD3tnHiqb5TZU1%2FcZnUP%2BgrnRlpvp2kT6MGu465Jo2G%2FnHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6aa0313e89354a74-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 latomedium.woff
www.unian.ua/build/assets/fonts/Lato/ 59 KB
60 KB 18ms
16ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Lato/latomedium.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503aa0afd924263e23e5fbe885c36ad5373a0cbf22c24b104032cef8fb831571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60696
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAWtqJKWnKEZdqGhl0RGvplGn8zUeYFGGTujKpcUqdud9w5WRqBQHR54sqXuxcm%2BQ%2BceOgmpRtWnlYuSf%2FphZUZnYAXEmU6WX5%2FF4gjNGXSkkGA9J9w8mwJnti%2FFsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df264a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS55F-webfont.woff
www.unian.ua/build/assets/fonts/PTSans/ 135 KB
135 KB 23ms
22ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/PTSans/PTS55F-webfont.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7c52a5da90dfe325ba1633ab58b3ed2d495dd440a248a6e9f5944e04178a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137932
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2dpoygeLDr30aF%2BYKwVmG1LrhwA3EcV2O93lzry2SGi759hlGwZmOynM78831PBc36lm2k5bJQwU9r%2BAzIGNXYZ5%2B%2BFCFE%2FQGe9QTQLkN5zH7DHZ03BsVAOMeGWMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df2a4a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS56F-webfont.woff
www.unian.ua/build/assets/fonts/PTSans/ 41 KB
41 KB 23ms
22ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/PTSans/PTS56F-webfont.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83b4c7d6f3278b8dfd1cbf392c84ca4e4032c1c988c7fa93cd343395a936346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41508
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcL5HDWPhxZjxeLB1ah1qF5XjoQUmM62aishNC4Qo5HT0CYcCpVlCr2GFmxyWdxjBcJPuQTCfN%2BSnpyigccfHdXq%2Bn20maE6JRhP4%2BnJm21D54Th5awmf%2BxNn4B4Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df2d4a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS75F-webfont.woff
www.unian.ua/build/assets/fonts/PTSans/ 39 KB
39 KB 29ms
28ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/PTSans/PTS75F-webfont.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775ddd9cbfd52574866001b5fee64556f7727fd135605f0c639aed1bde9911d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39760
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htghp2urGvDFVKofJPuf1bMw2%2BKtCeY6FljBw0JBfUYNiV1LhLMuPxjOJJwttl0GXcoz6%2Bv0t1uGHXKNXLoc3G8g4f6tpeueEvhdXfg77nXk%2FGECJfCBFsLuRfKjCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df2e4a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ptsans.woff
www.unian.ua/build/assets/fonts/PTSans/ 31 KB
31 KB 40ms
39ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/PTSans/ptsans.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5124ec463a3a065f6bcc61e1a19e261c2a46bfd70ed71df0f5ce6489171ad4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31620
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkH3wg1B3IakrgOLusouNrLjFFL%2BZcrNK2e4mYw4K7IM5rmOFm8cNJu7ZE9tuXtkWNmtX%2BHT3m%2FDdkLtN3W9RaJE1C1mCPq8fMZH%2BysSQ8XeEp5gJT8yKHmzMdoNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df314a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 permianseriftypeface.woff
www.unian.ua/build/assets/fonts/Permianserif/ 32 KB
32 KB 22ms
22ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Permianserif/permianseriftypeface.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c99bd086c32eeba518bee198628e250e82cc8f55ffc9b50e0c3b0727b67758a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32440
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve2Yus0KsMxNjZcHUcoEKdgnyLbr4DvLc1fshLJ4%2By9eOy6vs%2BF%2BJYabA7YfScgI0Fu%2FGAV5wNJztnbnJKm4WepPVxSKrTU6F97zX8guFK0kS5msDOX5OEo%2BemD%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03140df374a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post.54a5e86845ef567d7d91779ac2f7bb90.css
www.unian.ua/build/ 129 KB
26 KB 28ms
28ms Stylesheet
text/css 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06069294858f5c2243265ffefa210b3894ed16e1115ed13c19eebfb903e816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2269116
cf-polished: origSize=132061
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 11 Oct 2021 11:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5G%2BPJ3xuRZhhSo4VI1RlJf6JEoaeWYMX9BhFFyMUX%2BouDqAKdLE%2B4FlZm%2B3VDVsHyAc%2FNQY%2FgVOZQkQbNdixqzntSNwiSleCSvOKMvFX0OZyB76DoesfqrofeX%2Fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6aa03140df3b4a74-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 unian-logo.svg
www.unian.ua/images/ 4 KB
2 KB 30ms
28ms Image
image/svg+xml 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/unian-logo.svg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e906a81c69cc3d30f4a9c6fa50b5c3fc5756c9acabfbeaed66e170e62d12f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Sep 2017 10:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqYo4nFYPSwTRbcHtwqkA3SSUjEnJA8kXU9EdnSCBBtSsoiSa%2Bn5ZiygXBj0jIB60j0Dc9XgBqgxnxjUvBdH8e46stgdru7VafKh1pKF%2BUGyZ6b6ZJIrWu2TmmuIWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6aa031412e725c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1471430072-4850-okkupant-buhaet-vodka-alkogol-dnr-lnr.jpg
images.unian.net/photos/2016_08/ 37 KB
38 KB 328ms
293ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2016_08/1471430072-4850-okkupant-buhaet-vodka-alkogol-dnr-lnr.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dfd5c8179049dcd3550abb3cd5e2e04f323e6535e8595a1854324018abdd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37956
last-modified: Sat, 11 Nov 2017 12:54:01 GMT
server: cloudflare
etag: "7b64b9b580a3bf9e79fbf8961148247f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75i5v8jDaYg9UymWzXzNZZ65Z%2BqMORbk6EXaJ95UeADc%2FGeKIEKlv9Ne2k%2BN8iWlMJopo2q2jrN1km2%2BxlFJGEINsS9VkOHNu70ivqfoFm93s9xXxT4nL0IJ0B%2Bk1LTRnK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ba2c26d-FRA
x-1p1-cdn: BYPASS; Sat, 06 Nov 2021 17:55:22 GMT
expires: Tue, 04 Nov 2031 17:55:22 GMT

GET
H3 200 unian_vibercommunity_banner_690x100_ukr.png
www.unian.ua/images/ 17 KB
18 KB 32ms
30ms Image
image/webp 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/unian_vibercommunity_banner_690x100_ukr.png

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6409b4fe703e6275a0195c53b79bfa394b11f022aa909612a2f2820e18f49407

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89129
cf-polished: origFmt=png, origSize=24068
content-disposition: inline; filename="unian_vibercommunity_banner_690x100_ukr.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17350
last-modified: Thu, 22 Apr 2021 12:22:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0EjtbC2Wza4KlkjyFusHLU%2BMvq5nAX4sVXtW9tNF0ArYn0ekStvuiGB6zDfiz3gCNFMuQ1pmbIr2et1VV50CXc9ljUYzWql1wMm1rQ9NcD2Mu5TBwbE0hzROexUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031412e755c32-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 gnews.svg
www.unian.ua/images/ 638 B
998 B 23ms
21ms Image
image/svg+xml 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/gnews.svg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf4ba932d3f9494c5ee069be800d4532497f93fba772ff72960a10186ecb44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Oct 2020 12:50:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dm3wHhmh%2FG5g6uGIsz8Vg4veQuCsgVIeEYWw5ZAWiwlITGTk5gna9cr47DvEv%2BR99gzi88zgEkFXxudEEfIB4XdNsDs8L539aoBWQqm0112xO%2BW8SR5wUZWv09E%2BFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6aa031412e765c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ajax-loader.svg
www.unian.ua/images/ 947 B
870 B 24ms
22ms Image
image/svg+xml 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/ajax-loader.svg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Dec 2019 13:36:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t05EllMsvEQHMjV0f4a7XRFfiWSHewxbYWH5e2%2FfojArjNtQn0D%2Bu5Y0bfDJi%2BStlVvnkO4jjzmgtd1ddzHkrdf5CniseMZJxzm4mLEIinZcxOUWNMbU5ZaSd9GLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6aa031412e775c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 owl-carousel.37085af0d4bffb0f050f2e0a01680cc6.css
www.unian.ua/build/ 3 KB
1 KB 51ms
50ms Stylesheet
text/css 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/owl-carousel.37085af0d4bffb0f050f2e0a01680cc6.css

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829e6123b34ec0433c2ee65a79589cb48bab763d75504fb4d9e7cb6c90ea328f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685477
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Dec 2020 09:07:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGKo3sgYBXN1lF%2BF%2BVKyblzmoyE1FdPuqCCU8wn6xFiWAHtBlP8LB1AZZFYnhxS2zcvys%2FmVVcaQk0m17UH6SL1Vv1lir2EfkU3LBJltjyy2xGswxRVTxeUg16M4gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6aa031411e325c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vendor.e1eebaac35424523b02f.js Show response
www.unian.ua/build/ 179 KB
54 KB 44ms
43ms Script
application/javascript 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/vendor.e1eebaac35424523b02f.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9269a95531d695434bae92d5844264849a67fb28f16faa2a4e863e05f8aae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189071
cf-polished: origSize=182949
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 13:24:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaAgKf7gVDfs8NnRLMcxnr32W2bVXCtIOGXbYlvB6qKVK6hgTba29h83bLUhqZ2EdkSWfCwCwtu%2FmYPtFOvtlzJRWD6%2BPBfa%2Fn7w1B%2FEQGtuUmDzyy3YebzvzqQwRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6aa031412e6d5c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 desktop.e5aec09dc6e0bb7469b2.js Show response
www.unian.ua/build/ 308 KB
96 KB 37ms
34ms Script
application/javascript 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/desktop.e5aec09dc6e0bb7469b2.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d804dd72cdec5a751d93cb4e9ab5ad12af4eb1ceabb4accb2e53e3095b1aee91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189069
cf-polished: origSize=315322
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 13:24:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGqF%2FFQHuTSRaILe%2FxCdqPS%2F3LvLXLfNC%2Fq%2Bjtejyg%2BsN5VkEuwPR%2B1CHAb1luUiiNfS34z3s5PGxKAZhZKj4LJKTO6QJsdMLvl7%2Bmw%2FAyeeot9AoPC4nk4feZX3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 6aa031412e705c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app.js Show response
push.1plus1.ua/js/ 100 KB
34 KB 223ms
70ms Script
application/javascript 195.137.240.80
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://push.1plus1.ua/js/app.js
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.80 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: b9f9f54f53824a3f573716c3902f9cc6c8d2c96b3c37b72627c3cfe44255948c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 11:01:26 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 13 Nov 2021 17:47:42 GMT

GET
H2 200 widget Show response
www.unian.net/pogoda/ 8 KB
3 KB 157ms
124ms Script
text/html 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.net/pogoda/widget?lang=uk&source=unian

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16ff8fbe1648abcd3327ff09d7e232471bb0398e708e3642b9fa67d35573864

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, User-Agent
x-cache: BYPASS; Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ9yUefjXHWmvHcepgoN6L2QtI0tvAK5hJDgrORYnFzBKDTd3qRFKwHNCHDjG5qZ3NAkF0HHQ7L5CT33PLTROWbV0p2wh3DoJ9x1tky6Dq%2FfNdNl27k4BWDjSXaOcMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
strict-transport-security: max-age=15552000
cf-ray: 6aa0314159265ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 widget Show response
www.unian.net/pogoda/ 7 KB
1 KB 297ms
264ms Script
text/html 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.net/pogoda/widget?type=footer&lang=uk&source=unian

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad76adb99b92870c5b81b1cdc2f7559e708e8550c6ab9f19eac6d93ead0af354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, User-Agent
x-cache: BYPASS; Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee%2BicDNPhqL%2FGt8DycOm8FJS13iFx7JHQ4Oru76qeamb38BEH4Fav8KXQM%2B27eVBeKF24KTJnT7%2F3BFTJ918b8lW1FUsAjXSW05ADD8Id8NJ3TNzpWG5zk9l2sTqXs0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
strict-transport-security: max-age=15552000
cf-ray: 6aa0314159285ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
46 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e5ef4498a28687e7a115643f67d2dd868238e7f56c06b0aa9233c93557dc22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46631
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Nov 2021 17:55:22 GMT

GET
H/1.1 200
OK loader.js Show response
ua2cdn.admixer.net/player/roll-replace/stable/ 1 KB
992 B 156ms
37ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ua2cdn.admixer.net/player/roll-replace/stable/loader.js
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 , Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 831594119e8f775b7f4d600978c9b72d4c9100f664056dcd91b4d32ff831f890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 13:27:09 GMT
Server: nginx
ETag: W/"5ebd472d-527"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 07 Nov 2022 17:55:22 GMT

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 10 KB
3 KB 116ms
41ms Script
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=2563&0.1884081776249018
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: d1d599f0f3f6bf4b966035eac86d751eb1344fa890f5e0d73b8af40a98e1491f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H3 200 start-page.png
www.unian.ua/build/web/images/ 124 B
807 B 27ms
26ms Image
image/webp 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/build/web/images/start-page.png

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2670c8b666ffeaa47b2f89eabed404a0dbb037d9115b1925af324db5330756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89483
cf-polished: origFmt=png, origSize=216
content-disposition: inline; filename="start-page.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 124
last-modified: Thu, 16 May 2019 12:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xf5cTfMXwxhuzLi018EVCMvBuchW5t%2FnOZ7wmDNT2QvvKp%2FiCtDtiqWX0r14xHwCgUNEaqwmFYle5cxvRMVD8IVLv0LvbH8VCN%2FfYmeespNOoTaMtwHh44re8iuKzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031414ec45c32-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 time_icon.svg
www.unian.ua/images/ 293 B
818 B 25ms
25ms Image
image/svg+xml 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/time_icon.svg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee70d5966612315cbcf88ed0517d0a01a232bce4ae92e3ecd8aaeca6cd0726b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Oct 2020 12:50:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ixe6Q6yMcl4IKkuCNGoG4I%2BBv3vd0AWBEKI7WK%2FgEu7toxKLUlhpol18UQ9R2zDLa4yTftCaLdNLnDLy8C4EdO5nc07NlXoAkl84C%2BvRJog6cuLZgXpe2VD5YcQVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6aa031414ec75c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff
www.unian.ua/build/assets/fonts/Fontawesome/ 96 KB
96 KB 23ms
21ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Fontawesome/fontawesome-webfont.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98024
last-modified: Mon, 27 Nov 2017 10:11:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQINWzHMgc8moYk27AZZwwV0vlnZAbKgb1x%2BIBQulTsyJ8fcZFtSwkAdbqMb4dYnVtAirJEkaIkghcWbUI7AAPz4VpsBfqo%2FcBeFHo2v%2BZICeqFUWi7XQkK6ftyZpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415edf5c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 unianicon.woff
www.unian.ua/build/assets/fonts/unian-icon/ 5 KB
6 KB 25ms
23ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/unian-icon/unianicon.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5588
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmVTkyN9oy5torC2I0rPohlXOlHPOQP7ahN7JExak2hjJINR6feSKTOlQGLPkGGpR3XmrajPtNv7oymomGEoncwNdq25pgl8gSmkvbCQroXINd5fEfYLEOVYqhGRWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ee25c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latoregular.woff
www.unian.ua/build/assets/fonts/Lato/ 59 KB
60 KB 25ms
24ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Lato/latoregular.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60888
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFHGqIKtW%2BwN44uKRiAOPDFKvtcv4ZTgBmh31v3vhvabHoI3wpe0OSUltNkuluTO%2FADAOGX9ie9QDi1tiUlLmymqbpxceV6HB2dFu3gGrtgu6hnUMAjdnIN%2BSwc9Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ee45c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latoblack.woff
www.unian.ua/build/assets/fonts/Lato/ 53 KB
54 KB 29ms
27ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Lato/latoblack.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54344
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRfLoz8RbeigCYKLsOuijeS8biRYjFdK6EkDJw2svoBCKTE19MIKQAbn8a9wpK78AhiHO8PpvPP6%2BX4iTfSj8gkccxL28VN6Qbm7dz4Wu3ZQ5BXkRhheG539KnXykA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ee65c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latosemibold.woff
www.unian.ua/build/assets/fonts/Lato/ 59 KB
60 KB 35ms
33ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Lato/latosemibold.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60596
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7vYbAR5LrZWKi%2FUo1B0%2B2p20o6e%2BQTwKgnJd28abKLqURDMbGmFueeYyzfC%2FsYsu8J81h5LUd4e8rdWstGpE%2F3KEZE7mDkmKwk3QTK2TgT8AUZZs3xt7hHaPervKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ee85c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latobold.woff
www.unian.ua/build/assets/fonts/Lato/ 56 KB
56 KB 35ms
34ms Font
font/woff 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/build/assets/fonts/Lato/latobold.woff

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.unian.ua/build/post.54a5e86845ef567d7d91779ac2f7bb90.css
Origin: https://www.unian.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57172
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqIxi2hMaN3SyLed6nMIQJqiDAb2sAF7EHxllzWO9vOu%2BzKae0zaqSlpSyty8pOjnd444uUEZh%2BcEBfagdwCXqn9UU5WyVGGbQnfJ9zhJlDCigekL7FlKqloU55l4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa031415ee95c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 91ms
39ms Fetch
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/desktop.e5aec09dc6e0bb7469b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 17426630858327805513
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:55:22 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 40 KB
11 KB 92ms
28ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 10:11:55 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Sun, 07 Nov 2021 05:55:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6856
date: Sat, 06 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 18:01:06 GMT

GET
H/1.1 200
OK piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 152ms
66ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 03 Jul 2017 15:36:13 GMT
Server: nginx
ETag: W/"595a646d-e3b1"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html Show response
www.unian.ua/incidents/ 20 KB
5 KB 274ms
273ms XHR
application/json 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html?ajax=1&page=2

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/vendor.e1eebaac35424523b02f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a55b530becb37d7216153b15e5599a36f596a5e5ebe07fbe9d00ae7429c602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding, User-Agent
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: BYPASS; Sat, 06 Nov 2021 17:55:22 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZLp%2ByohomT2WJarowTt1XRZCam3jBwWBYofSmTeQXBAzqYg8NNW8cgldaRu6OSiSKnJAvdOHVGTHhCwgaqDfXrjUnJ31ZkLQjk62hllNDoUFLPoYOscjDPisFz%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=60
cf-ray: 6aa03142491e5c32-FRA
access-control-allow-headers: X-Requested-With

GET
H2 200 hb_298309_4142.js Show response
player.adtcdn.com/prebidlink/454505/ 418 KB
123 KB 61ms
32ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/build/desktop.e5aec09dc6e0bb7469b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512997b7fda8594eec1303b35aa0ebe601536b55fbbb2891429d6dc091c90beb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 14:50:54 GMT
server: cloudflare
etag: W/"6183f34e-6861d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJBA11l3vh6Crxwg1EGIEfbh86TZaQp0PlSRdSXS8r51Cs4u8uOwRWzdYIGhMlaKz%2FJ7Fkq6iMZuzYDivItF%2Br39poRylt%2B8lHoO6UOr%2FYKRW5aq5f%2FwUL3K8prPqfMfcYaeA%2FjFWpQyvAhQ%2FShZfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6aa0314298245ca4-FRA
expires: Sat, 06 Nov 2021 18:03:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a52723de29aa0a38f2d0751901271b50b0d6ff58293a742d1a190bc5c4b2c048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61831
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:55:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
60 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3bda9e752bfe8b0c7ce9cd7d9a3c193205ff4e626f5d683190f5798680e9e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61685
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:55:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
60 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57b93b169129336e2fa1f1180c33bb4d095d66cd1925486f713e714eee1c512c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61694
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:55:22 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.1/dist/ 4 KB
2 KB 49ms
29ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16640517
fly-request-id: 01F4B8KNV08N7TBR9G8FAZP5D8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6aa031429d9b68eb-FRA

GET
H2 200 vunit.min.js Show response
a4p.adpartner.pro/apstc/ 48 KB
12 KB 37ms
37ms Script
application/javascript 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.384
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=2563&0.1884081776249018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: cf82deec94a354471001ce44f2df94e5d15670877385481f5cf40e28ea4e63ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
cache-control: no-store no-transform
last-modified: Mon, 11 Oct 2021 06:32:28 GMT
server: nginx
content-encoding: br
etag: W/"6163da7c-c158"
content-type: application/javascript

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame FC9C 5 KB
2 KB 64ms
64ms Document
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=64151164413134060&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=2563&0.1884081776249018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: 1eb399dc9b191283ba480c30ec4d8a9dc016d2d1b249dc4920dfd9696be40506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/html; charset=utf-8
cache-control: no-store no-transform
content-encoding: br

GET
H3 200 n300.svg
www.unian.net/pogoda/pogoda/images/icons/ 2 KB
2 KB 49ms
38ms Image
image/svg+xml 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons/n300.svg?32134

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c13940106ec046b47d72a552f9750987d0c01f5c56b16def74510da1ae0fe72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 4784
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS; Fri, 22 Oct 2021 13:50:07 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTw8qovPhnBx100Rfolx7jNxQnKGhMEF5Un5utIIEksQwQcfIWmAuQ2ofzqgwtQyaUMN0UTry67vXCmZVJlskJKJNjAsJ8xsvO2LIGSpFdcNWdgRGGYFpRgrbII47w0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 6aa031429c3305d8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK es6_727356c3a866a6df7bae.js Show response
ua2cdn.admixer.net/player/roll-replace/stable/ 349 KB
69 KB 79ms
79ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ua2cdn.admixer.net/player/roll-replace/stable/es6_727356c3a866a6df7bae.js
Requested by: Host: ua2cdn.admixer.net
URL: https://ua2cdn.admixer.net/player/roll-replace/stable/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 , Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 684194e1d273432cb4dfa35637b10c0fdec5d6c0d0de3a0e33fca3f610930f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 13:27:07 GMT
Server: nginx
ETag: W/"5ebd472b-573ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 07 Nov 2022 17:55:22 GMT

GET
H2 200 last_top_theme Show response
photo.unian.net/api/ 5 KB
2 KB 229ms
198ms XHR
application/json 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://photo.unian.net/api/last_top_theme

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/vendor.e1eebaac35424523b02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaee2971b88d0c22d4e186a11770a254f328b7b3d41d248f0cdcda01b7387cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: BYPASS; Sat, 06 Nov 2021 17:55:22 GMT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1SCwUzFj93tRUajPbG0x8T9FG4s6UtxqH3KbbNIlGZAT8nTUKzAuoTh1LJIQc%2FupmhWxw1xitRKCEIGL3%2ByQBZiGYeNQjwKv8Z4s%2FaJ9E4C4Cm2InALa2R%2BPet9R%2Bddsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
strict-transport-security: max-age=15552000
cf-ray: 6aa031430a2ed6e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=787387829&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1160022883&gjid=461120481&cid=539206431.1636221322&tid=UA-32196466-1&_gid=1417444904.1636221322&_r=1&_slc=1&z=947864989

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=787387829&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1698443653&gjid=1869377876&cid=539206431.1636221322&tid=UA-32196466-2&_gid=1417444904.1636221322&_r=1&_slc=1&z=1450116251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
345 B 35ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P6EEJX21DY&gtm=2oeb31&_p=787387829&sr=1600x1200&_gaz=1&ul=en-us&cid=539206431.1636221322&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sid=1636221322&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 43ms
15ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P6EEJX21DY&cid=539206431.1636221322&gtm=2oeb31&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 29ms
14ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JLSK4Y8K67&gtm=2oeb31&_p=787387829&sr=1600x1200&_gaz=1&ul=en-us&cid=539206431.1636221322&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sid=1636221322&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 37ms
15ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLSK4Y8K67&cid=539206431.1636221322&gtm=2oeb31&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 71ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P6EEJX21DY&cid=539206431.1636221322&gtm=2oeb31&aip=1&z=1565200123

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 53ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JLSK4Y8K67&cid=539206431.1636221322&gtm=2oeb31&aip=1&z=1613285552

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 13ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DENC12J6P3&gtm=2oeb31&_p=787387829&sr=1600x1200&_gaz=1&ul=en-us&cid=539206431.1636221322&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sid=1636221322&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 21ms
16ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DENC12J6P3&cid=539206431.1636221322&gtm=2oeb31&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DENC12J6P3&cid=539206431.1636221322&gtm=2oeb31&aip=1&z=1535156342

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1160022883&gjid=461120481&_gid=1417444904.1636221322&_u=IEDAAEAAAAAAAC~&z=104088241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-2&cid=539206431.1636221322&jid=1698443653&gjid=1869377876&_gid=1417444904.1636221322&_u=IEDAAEABAAAAAC~&z=2115621352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 277 B
391 B 26ms
26ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.unian.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 5932cd8afe905ec830945f5397713a25f1ea4ff182c4226ee9cf53fd0d80ff89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 277
expires: Mon, 06 Dec 2021 17:55:22 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 22E5 5 KB
3 KB 108ms
28ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 024db74b121f5a72e41d19c308bd6b32b7c5b227eb6ab358e47e75f604e46ef9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
expires: Mon, 06 Dec 2021 17:55:22 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2718
content-encoding: gzip

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 47ms
19ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/desktop.e5aec09dc6e0bb7469b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1036 / 784 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1637049727&gjid=1514251335&_gid=1417444904.1636221322&_u=aGDAgEABAAAAAG~&z=1549520590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 17:55:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6856
date: Sat, 06 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 18:01:06 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=787387829&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v1-1636221322435-6622459478480&ev=618&_u=aGDAgEABAAAAAC~&jid=1637049727&gjid=1514251335&cid=539206431.1636221322&tid=UA-32196466-1&_gid=1417444904.1636221322&gtm=2wgb3156LPBQP&z=1750812268

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 04:56:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1160022883&_u=IEDAAEAAAAAAAC~&z=538048378

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1160022883&_u=IEDAAEAAAAAAAC~&z=538048378

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FC9C 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=64151164413134060&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6856
date: Sat, 06 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 18:01:06 GMT

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame FC9C 3 KB
1 KB 60ms
60ms XHR
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=2563&session_id=48290176-1916-416b-ac37-a25d06f01b8f&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=64151164413134060&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: 12afe03faa8b4e2f687218521d93454d77178311192c5464fce882b5871b070e

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=64151164413134060&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 06 Nov 2021 17:55:22 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK piwik.php
assay.1plus1.ua/ 43 B
255 B 46ms
45ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&idsite=3&rec=1&r=839547&h=17&m=55&s=22&url=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&_id=b4e878c33e2e3335&_idts=1636221323&_idvc=1&_idn=0&_refts=0&_viewts=1636221323&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=327

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=10
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif

GET
H/1.1

200
OK

c.html Show response
inv-nets.admixer.net/
Redirect Chain

https://inv-nets.admixer.net/vast.aspx?rct=3&zone=22fa44a1-c6f5-4c5a-9501-e7be6044d8eb
https://inv-nets.admixer.net/c.html

13 B
458 B

11ms
11ms

XHR
application/xml

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/c.html

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:23 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml
Keep-Alive: timeout=25
Content-Length: 13
X-Xss-Protection: 0

Redirect headers

Date: Sat, 06 Nov 2021 17:55:22 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.unian.ua
Location: https://inv-nets.admixer.net/c.html
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-2&cid=539206431.1636221322&jid=1698443653&_u=IEDAAEABAAAAAC~&z=1008768346

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-2&cid=539206431.1636221322&jid=1698443653&_u=IEDAAEABAAAAAC~&z=1008768346

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1637049727&_u=aGDAgEABAAAAAG~&z=1513548984

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=539206431.1636221322&jid=1637049727&_u=aGDAgEABAAAAAG~&z=1513548984

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 10 KB
3 KB 40ms
40ms Script
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=2563&0.2219478834694555
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: d1d599f0f3f6bf4b966035eac86d751eb1344fa890f5e0d73b8af40a98e1491f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H3 200 last_top_theme Show response
photo.unian.net/api/ 5 KB
2 KB 188ms
187ms XHR
application/json 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://photo.unian.net/api/last_top_theme

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/build/vendor.e1eebaac35424523b02f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaee2971b88d0c22d4e186a11770a254f328b7b3d41d248f0cdcda01b7387cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: BYPASS; Sat, 06 Nov 2021 17:55:23 GMT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWI18Z90HYd%2Fy9MGPpRIFQUjNxAJ5amtgBNhget7bOVPgpSgkwIl2RjFcwLo5QLCj45oo2zwQl%2B%2FpniN%2BVULIgc6Xbnaqvd4ASRXwKPfpJGG9OwxXjTz8wZdudvn5RDJug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
strict-transport-security: max-age=15552000
cf-ray: 6aa03144aa322bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1471416186-2496-verbovka-borschevskiy-rayon.jpg
images.unian.net/photos/2016_08/ 72 KB
73 KB 237ms
237ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2016_08/1471416186-2496-verbovka-borschevskiy-rayon.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c1694f826ac781256dd0905ad3014cd47eb90c2aeb6d3d49e768b957a93cfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74186
last-modified: Sat, 11 Nov 2017 12:49:03 GMT
server: cloudflare
etag: "481bd9b33fdb0f85a262332e7af2a2e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOfLKCzESIvV%2BQgq9InF%2BIpGQmEAhumFAAsV6xwdVRfFJSK8S34y3S%2BA6ESeff6Vgo6f4Pmgs9W54ne8ROe2mfPl63ryT6koUedpCKvcTrttTqdW6y7oVcE0TkFe8COdF34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03144a8c505d8-FRA
x-1p1-cdn: BYPASS; Sat, 06 Nov 2021 17:55:23 GMT
expires: Tue, 04 Nov 2031 17:55:23 GMT

GET
H3 200 unian_vibercommunity_banner_690x100_ukr.png
www.unian.ua/images/ 17 KB
18 KB 30ms
29ms Image
image/webp 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/unian_vibercommunity_banner_690x100_ukr.png

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6409b4fe703e6275a0195c53b79bfa394b11f022aa909612a2f2820e18f49407

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89130
cf-polished: origFmt=png, origSize=24068
content-disposition: inline; filename="unian_vibercommunity_banner_690x100_ukr.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17350
last-modified: Thu, 22 Apr 2021 12:22:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNSIM3c4vqpHUTSS3T5dXlmv9XrAw2icqrE4AEc%2BY6nDBjbiBxO4rVjZep0GFHJWbHLq3B6FEyXsCT%2BZ%2FJlFE4YX9KoUr2xLOqSbSWmNMWP9CRVES73VVfchkXhfgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6aa03144af675c32-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 gnews.svg
www.unian.ua/images/ 638 B
961 B 19ms
19ms Image
image/svg+xml 172.67.70.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.ua/images/gnews.svg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf4ba932d3f9494c5ee069be800d4532497f93fba772ff72960a10186ecb44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4685489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 01 Oct 2020 12:50:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmCCVwnUzDOoSf0t5uUz%2FbB%2BKGVGf1WDXn03oXBpLoi85vmTJOLnTZzjZzSXwEDz8J1T6DzTVInsfbfTTiKxsauP5MCJW10goBUELvp8rP5yrN2Ln8n6IQcO%2FAeatQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6aa03144af6b5c32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1097293.jpg
images.unian.net/pb/010/thumb_files/h_190/ 15 KB
16 KB 47ms
47ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097293.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4f46a0f631a80e321013a031156b5f9d1ced95bde8c7a1d4bf147eb1521d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30129
cf-polished: origSize=15389, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15296
last-modified: Sat, 06 Nov 2021 09:33:11 GMT
server: cloudflare
etag: "0d79d7a2cdf63aa04a7472871c721496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJz1ocLwkihVtovSnI%2Fy%2BKa4sbjT1l2dxHoE0RVtHDYi3asD4mgf62NSHNmVe9JnL%2Bf9b2KnF%2BS%2Fjeb3wAibhUBAlHJMuBC%2BXMbN3p8CyMyzwMJxC9Pzcl9cGCyi09m7DEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c8fa05d8-FRA
x-1p1-cdn: MISS; Sat, 06 Nov 2021 09:33:14 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1097263.jpg
images.unian.net/pb/010/thumb_files/h_190/ 9 KB
9 KB 40ms
40ms Image
image/webp 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097263.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9781526687d8233c656f20400f16bc6fa7ddd331dee2703ca9edcf8c7b4ba95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35158
cf-polished: qual=85, origFmt=jpeg, origSize=10339
content-disposition: inline; filename="1097263.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8908
last-modified: Sat, 06 Nov 2021 08:08:50 GMT
server: cloudflare
etag: "5d4f2871e6ed1cf357296c4e00993d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHUgHdNU4xr4aGUYNd1G1ppeF%2FSICXPfwprGOsKox1wWNsm5ZFwmoffHbLXVaQWKspHLCcWjTxOfOIUIz0uIBu6AJoLJDbyW9hIw8rt8kbzl9SPJoMcFobEvGnrVeliavko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c8ff05d8-FRA
x-1p1-cdn: MISS; Sat, 06 Nov 2021 08:09:25 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1097200.jpg
images.unian.net/pb/010/thumb_files/h_190/ 16 KB
17 KB 41ms
40ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097200.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fabb381ada11b2e445dc9dfbadee4088082e155c869c7d6f5766e5734b1202b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103090
cf-polished: degrade=85, origSize=16402, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16380
last-modified: Fri, 05 Nov 2021 12:56:17 GMT
server: cloudflare
etag: "7bdf06cf43a4dc9c73ecbd5284415011"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zt7o%2FxboMEtwkns6aAq62B%2BPs2vSXK9IpIEa4TfVIpW2VNh7RrvXFAGnz%2B2Aa4o1iD3qyQkvIXLFpsLzkU%2BhQtW1TKRkgBRs0CLp2QMyqsJJixL4Vv4ldgiBdjZRcrd4Po%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c90305d8-FRA
x-1p1-cdn: MISS; Fri, 05 Nov 2021 13:17:13 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1097227.JPG
images.unian.net/pb/010/thumb_files/h_190/ 14 KB
14 KB 56ms
55ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097227.JPG

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9486979e92e06a729e948ea504a279623dbcb01faf39324a7b82d93fcfa02b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98407
cf-polished: origSize=14038, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13864
last-modified: Fri, 05 Nov 2021 13:38:20 GMT
server: cloudflare
etag: "6d0ac4e08f8e5ac2ca6703cae82fc7ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1%2BVYVodl%2BVUaIIxhuxNbBO5VVqUQGcH75YAvmCuv4kOWXkP5D8SgNLFxnYGIijRiTeAki7r%2FQqoJ3XaC9K682HDwKzyXvyXS8k5yDYUFMdMfe5dN48zNK2XB7%2FV%2F2sIzRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c91105d8-FRA
x-1p1-cdn: HIT; Fri, 05 Nov 2021 14:24:45 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1097089.jpg
images.unian.net/pb/010/thumb_files/h_190/ 13 KB
13 KB 56ms
55ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097089.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10acbf85f4afb5e04e39fed89efd2560e09eca0ac72fae393a08f457c3e8c06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115757
cf-polished: origSize=13078, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12965
last-modified: Fri, 05 Nov 2021 07:27:41 GMT
server: cloudflare
etag: "fed5393e75be5a3874f5cb8ae4ff6afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Oi1p3uyVkqheaEZTeYWQYrLY0trmo9qPcNRGrqZOXiOGc08uVN2st80gbfCUQCoCYd05jlNaiZ5Wng22AcySeuT6WC%2FDr6Kq8Pgajt7IHWazzEddfBGiFabP8i%2BuGvAdkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c92d05d8-FRA
x-1p1-cdn: MISS; Fri, 05 Nov 2021 09:46:06 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1097026.JPG
images.unian.net/pb/010/thumb_files/h_190/ 12 KB
13 KB 57ms
56ms Image
image/webp 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1097026.JPG

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2335e0a201f7e34878d87cd6357e0ed3c91f62d4f51e5c193a89aee45bfabdbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86020
cf-polished: qual=85, origFmt=jpeg, origSize=12604
content-disposition: inline; filename="1097026.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12534
last-modified: Thu, 04 Nov 2021 14:15:26 GMT
server: cloudflare
etag: "492a43647057b09215544fe60dd95671"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B91YLtuWulc1stxVpGUID0jI0LDG49SCTUihL8%2BM9kQx%2FtIq6rvEeqFjRAkX9lbziFsHHplq%2Be67Lq5WUIbcrzdT69%2FJmkkYNB96%2BZy1%2BgHRKr7ZPD1GNn1UmF2n326OWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c92e05d8-FRA
x-1p1-cdn: HIT; Fri, 05 Nov 2021 17:49:13 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1096852.JPG
images.unian.net/pb/010/thumb_files/h_190/ 15 KB
15 KB 65ms
63ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1096852.JPG

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ed8f2f97aaee383d0e78a6fd74d468ca8acd50f557a9978e6d434a1424c1ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195916
cf-polished: origSize=15159, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15057
last-modified: Thu, 04 Nov 2021 10:23:03 GMT
server: cloudflare
etag: "8de574398a2a789429fe56f52cc5cabd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjkHGigJ3RislWs63ti8Ilbas2yEaFf3L%2FGcPqV9T4lutCnKl%2F9z67zR0lPq43soFEiCwMCySMPevfrPbNAs62XSZpM%2Fxy%2FTlFOAFMLMhrmu0Sa%2Btj4K5Qv7v%2BUGbucUWwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c93105d8-FRA
x-1p1-cdn: MISS; Thu, 04 Nov 2021 11:30:07 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1096756.jpg
images.unian.net/pb/010/thumb_files/h_190/ 10 KB
11 KB 65ms
63ms Image
image/webp 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1096756.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60a7f18c4f1bf76f2fd716f9d29b2db3b333d7edf0fba8748f43ba5389d19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85613
cf-polished: qual=85, origFmt=jpeg, origSize=11065
content-disposition: inline; filename="1096756.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10332
last-modified: Thu, 04 Nov 2021 10:09:33 GMT
server: cloudflare
etag: "efce5351e6f45c02292080d09e1c620b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXJ0aXsqGDYXE6DygyhEKIPBA2hTB3Ruko4VcBYv2UCHBsljeGiD%2F03oAqkwL2K67uIUNigtPooSSnA%2FbjHTp1XbofS1LkPZGR67aEAwPMO91oNylVJOboi1iR71KYtK1pQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c93305d8-FRA
x-1p1-cdn: HIT; Fri, 05 Nov 2021 17:59:16 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1096948.jpg
images.unian.net/pb/010/thumb_files/h_190/ 9 KB
10 KB 65ms
64ms Image
image/webp 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1096948.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc33ffcda296abbad2bdf085e0820e77372aa635b50ecf3375ed929f08a7878b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196400
cf-polished: qual=85, origFmt=jpeg, origSize=10751
content-disposition: inline; filename="1096948.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9644
last-modified: Thu, 04 Nov 2021 11:09:45 GMT
server: cloudflare
etag: "c68c0d5f0b1925ab72e878489bec2abd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKVqnFYCj8O1%2Fd2eI%2FdsvFb%2FPe546aRlxZe2FcZs0YfmMTSBRZ8k%2Bp0DAcjWUk0wBOsVOofNoXtA9wP1j0xzKR1Uc8bBJFH777mMVzjYSSGm2WhvzrtUStFZwQUAf0MAC2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c93705d8-FRA
x-1p1-cdn: HIT; Thu, 04 Nov 2021 11:14:24 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1010330.jpg
images.unian.net/pb/010/thumb_files/h_190/ 12 KB
13 KB 67ms
65ms Image
image/jpeg 104.26.11.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1010330.jpg

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81657eec047d0c3647616c84b0065a775277dd2774ac28ae3ed7c07b7f78e759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 463723
cf-polished: degrade=85, origSize=12671, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12470
last-modified: Tue, 22 Sep 2020 08:44:15 GMT
server: cloudflare
etag: "37071c5b79c1f20aacad58b6d11336cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfQm7SovzehMfIv4o2XNnVIFIFD6TtbCPalLHuAs1bD%2F1tkrPbXMRBovs0AvLMuMaciUMXI%2FyJsrFZmyzHpMU5XCytXIDHdiCPMJI4DNOURhYQek6eGAphG4y77BcJ84HeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sun, 06 Nov 2022 17:55:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6aa03144c93b05d8-FRA
x-1p1-cdn: MISS; Mon, 01 Nov 2021 09:06:40 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 29ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
114 B 32ms
17ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.unian.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

872a748de0e2452b44a58df1e8a69260c7a1af97ff2d86b9abf26aabc08bb33c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:55:23 GMT

GET
H2 200 wrapper_hb_298309_4142.js Show response
player.adtcdn.com/prebidlink/454505/ 957 B
865 B 319ms
17ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454505/wrapper_hb_298309_4142.js
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/build/desktop.e5aec09dc6e0bb7469b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4bfc2e615e2893f083cf03ad93eca1aa75ee35debd871129a4c19b1a35fb415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Nov 2021 22:30:54 GMT
server: cloudflare
etag: W/"6185b09e-3bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPN2u0zJXbyDo2McD9pPRi9oRJ%2FZJgZdQhOtnSfFQVCnkse7AVlVvP%2FoZCLoy3wLp4hB038Mhzs1QuHN%2BLk9r2%2BxGTMG9zfIR3Nur9Z9Xv4XBpbTbxTOmI%2FwW99ZsNtXnKizrcvmKff%2BB%2FkQLWMvaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6aa03146cb8a5ca4-FRA
expires: Sat, 06 Nov 2021 18:03:06 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1636221322691/
Redirect Chain

https://gaua.hit.gemius.pl/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3...
https://gaua.hit.gemius.pl/__/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=http...

185 B
445 B

92ms
91ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=lf17vVdbjC3rlfbvvc8KmQ8_fFqbyD64ijULwsTScDf.F7D8o7QzOIqs42r31z3oFhJ0S2NM44v0NKDl3yhLwkpI0zwa/1iZkiRFTNx32q/&fpdata=ZrWAbqH_VRmwP9jqdxxI.ISdhaK0w2haMP7osaX.Z1P.h7&vis=1&fpcap=
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: fce6c999a39c8ed4dd6e85e60975a06ba5d2e6161c8ab218f5f5adc4b8bf1a73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:23 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 185
expires: Fri, 05 Nov 2021 17:55:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:23 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1636221322691/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=lf17vVdbjC3rlfbvvc8KmQ8_fFqbyD64ijULwsTScDf.F7D8o7QzOIqs42r31z3oFhJ0S2NM44v0NKDl3yhLwkpI0zwa/1iZkiRFTNx32q/&fpdata=ZrWAbqH_VRmwP9jqdxxI.ISdhaK0w2haMP7osaX.Z1P.h7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 05 Nov 2021 17:55:23 GMT

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame 3B49 5 KB
2 KB 41ms
41ms Document
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=47020781562100056&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=2563&0.2219478834694555
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: 484a032c47f88155b98afbcb9d21d2ab89e8f821ffd59fbbebb03f292fb5a741

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:23 GMT
content-type: text/html; charset=utf-8
cache-control: no-store no-transform
content-encoding: br

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame 3B49 3 KB
1 KB 55ms
55ms XHR
text/html 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=2563&session_id=48290176-1916-416b-ac37-a25d06f01b8f&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=47020781562100056&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: 53c84c35575d4b3f0a32189f5ed7b8ba30e180816f32466d0c92f1660e23437c

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=2563&bannerNum=47020781562100056&apuid=9546a155-84ea-474a-8de9-49e781fd2c56&session_pageview=1&session_id=48290176-1916-416b-ac37-a25d06f01b8f&site_visited=1&location=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2 200 wrapper_hb_298309_4142.es6.js Show response
player.adtelligent.com/prebidlink/454505/ 256 KB
35 KB 46ms
11ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/wrapper_hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89354adf70734a1011e0679d4bbf0719dc1eac286c20305cfecb6976eec6e61f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 22:30:54 GMT
server: nginx/1.18.0
etag: W/"6185b09e-400b8"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 18:55:23 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 22ms
7ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0debc83fe650ab144dce953c14ab4b83da7dc5dfc00240946767cc251e41ca13

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: gzip
last-modified: Sat, 06 Nov 2021 12:01:07 GMT
server: nginx/1.18.0
etag: W/"61866e83-1194"
content-type: application/json
access-control-allow-origin: https://www.unian.ua
expires: Sat, 06 Nov 2021 18:55:23 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=787387829&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%20%D0%9B%D1%83%D0%B3%D0%B0%D0%BD%D1%89%D0%B8%D0%BD%D1%96%20%D0%BF%27%D1%8F%D0%BD%D0%B8%D0%B9%20%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D0%BD%D1%82-%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D0%BD%20%D0%BF%D0%BE%D1%80%D1%96%D0%B7%D0%B0%D0%B2%20%22%D0%BF%D1%96%D0%B4%D0%BB%D0%B5%D0%B3%D0%BB%D0%BE%D0%B3%D0%BE%22%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BA%D0%BE%D0%BD%D1%84%D0%BB%D1%96%D0%BA%D1%82%20%D0%BD%D0%B0%20%D0%B5%D1%82%D0%BD%D1%96%D1%87%D0%BD%D0%BE%D0%BC%D1%83%20%D0%BF%D1%96%D0%B4%D2%91%D1%80%D1%83%D0%BD%D1%82%D1%96%20-%20%D1%80%D0%BE%D0%B7%D0%B2%D1%96%D0%B4%D0%BA%D0%B0%20%7C%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v1-1636221322435-2402209044757&ev=356&_u=aGDAgEABAAAAAG~&jid=&gjid=&cid=539206431.1636221322&tid=UA-32196466-1&_gid=1417444904.1636221322&gtm=2wgb3156LPBQP&z=78685119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 04:56:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46744
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5au.js Show response
sync.medidexs.com/ps/10/ 58 KB
21 KB 63ms
12ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.medidexs.com/ps/10/5au.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f0db98bc257f7af3187bd7ec0661af3a9a04719b1fcb94838e07046db5a726da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:23 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 18:32:31 GMT
server: nginx/1.18.0
etag: W/"6182d5bf-e694"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 06 Nov 2021 18:55:23 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 134 B
382 B 593ms
164ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 676d3ee1e5815df462e6c4cdcc9e827c3ef0abd551bd6196df79b293775b62e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.unian.ua
Date: Sat, 06 Nov 2021 17:55:23 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 134
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
414 B 615ms
175ms XHR
image/gif 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4142&full_page_url=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&adid=o3xgzp.0x&vpbv=N005&lifecycle_tte=1525
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.unian.ua
Date: Sat, 06 Nov 2021 17:55:23 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 80ms
18ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.unian.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:24 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://www.unian.ua
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
982 B 47ms
15ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29819
content-type: application/javascript
x-amz-request-id: txfb885b5eaead480dbfa2f-00617b9d6a
x-amz-id-2: txfb885b5eaead480dbfa2f-00617b9d6a
last-modified: Tue, 26 Oct 2021 12:44:38 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dk0w9aeLMXLq9MIBMXGifd53nLzKzBZL4NfuqcEPNsXkSrBL4pHlXLDRyZBOEVgiZkhWQf25w%2FDD0fO%2BbkHwtqWBpuiNXfhsZXJqdf%2BRu5s%2Fg00AamS%2BbVO7qfMrYPY4kH%2BUWLEGgv6FnQoJ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1635252278092292
cache-control: public, max-age=1800
cf-ray: 6aa0314beb1268ec-FRA
expires: Sat, 06 Nov 2021 18:25:24 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 51ms
17ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
185 B 67ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0-pre&cb=34677729460
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unian.ua
date: Sat, 06 Nov 2021 17:55:24 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 627 B
545 B 176ms
176ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 3d1cf807fb2720ba039ad00c1b8eada762f269dde8001b5fd4fa1b4740c9fc81

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Nov 2021 17:55:23 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 258

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
908 B 323ms
110ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 20 KB
11 KB 166ms
130ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6399324f5235dab8d64d5bfde090f3714fe31ab1cbe81474c4d66c9886eef9c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Nov 2021 17:55:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f07bfd52-3f4f-40e5-9150-f5cf6608763a
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.unian.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 172 B
556 B 42ms
21ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=943fcf07-8050-4633-957b-f3ebadf80c4e%2Ce6f40be3-818f-4e39-96be-60419ea3322b%2C02c36270-eac2-40fa-989d-784d6721bdfb&nocache=1636221323806&pubcid=2cc9e336-6cdc-46bb-b06f-b9760a617df5&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=1440x180%7C980x120%2C1340x120%2C1180x120%7C300x600&divids=api-gpt-catfish-wrapper%2Cbanner-ad-1%2Cbanner-ad-2&aucs=%2C%2C&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: feee2b7986dd5c9eae0bfc8f390e223d90d6b255b0222960f39130d9f54b3d86

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.unian.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 53ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unian.ua
date: Sat, 06 Nov 2021 17:55:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
502 B 106ms
105ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Nov 2021 17:55:24 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 360 B
457 B 729ms
339ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 56a85216075ccab5b902bd2404103431fdb185c21318fedae6048d91d1c77469

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Nov 2021 17:55:24 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 170

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 96ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unian.ua
date: Sat, 06 Nov 2021 17:55:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
3 KB 449ms
365ms XHR
application/json 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: 697532baa732f6b5f01689fae7a913e322cc33eada245dcecc63778cf5472ac4

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:24 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
transfer-encoding: chunked
expires: 0

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/2e43c/1/www.unian.ua/ 100 B
420 B 55ms
15ms XHR
application/json 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.unian.ua/ROS?rnd=0.18903252067633236&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120%2B300x600_0%3A300x600&ur=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&pbv=5.18.0-pre&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&e_pubcid=2cc9e336-6cdc-46bb-b06f-b9760a617df5
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ad9898c5c2693bec9c69aab1763b2380c030d321269b302a0eeba6ef9d6b2da4

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Nov 2021 17:55:24 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.unian.ua
expires: Sat, 06 Nov 2021 17:55:24 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 100
x-sid: AMS-747

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
168 B 260ms
83ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 06 Nov 2021 17:55:24 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.unian.ua
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
628 B 105ms
70ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4ae247e96cbd02b3d916688dcaed3bc02f77eadfb13e99173ab5db9b73b477

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-warn: Validating the Prebid Request adunits. No supported banner or video size for adUnit: api-gpt-catfish-wrapper, Validating the Prebid Request adunits. No supported banner or video size for adUnit: banner-ad-1, Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6aa0314c4be443b8-FRA
server: cloudflare
expires: 0

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 567 B
632 B 587ms
181ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 6b7bc4c9b10f7db251d6fac5fae793d0109a38ddf82ed6272eb4ea81346628b3

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Nov 2021 17:55:24 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 345

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 236 B
1 KB 218ms
106ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832312&size_id=31&rp_schain=1.0,1!adtelligent.com,298309,1,,,&eid_pubcid.org=2cc9e336-6cdc-46bb-b06f-b9760a617df5%5E1&rf=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=e6f40be3-818f-4e39-96be-60419ea3322b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20142544942648954
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 99cb6be902223fd92a5aabde53c25d82fcaefc93caf8841b53108a3876d55238

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.unian.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 236
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 209ms
91ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832312&size_id=10&rp_schain=1.0,1!adtelligent.com,298309,1,,,&eid_pubcid.org=2cc9e336-6cdc-46bb-b06f-b9760a617df5%5E1&rf=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=02c36270-eac2-40fa-989d-784d6721bdfb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4361976442090738
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4cb243b61012645090247114840991e4497d7669508de6e83b690a9c3d070a5e

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:24 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.unian.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 40ms
13ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6450ad5f4dd7d31f70ff3d1737632bbac70595eef7029afbf46619c5afae935e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:24 GMT
X-Proxy-Origin: 136.243.198.83; 136.243.198.83; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6b74c7ba-2d65-4b0e-8595-ad7151ef4df4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.unian.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 809 B
650 B 328ms
175ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437389&aid2=437390&aid3=443025&aid4=605039&aid5=607661&aid6=638043&aid7=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2cfd0a9351fa3755ca9099bd76aa9dea95dfe09ab72d16bb3eeb9dc193966251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:23 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.unian.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 363

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 34ms
18ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1677169
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx564ad509a99944bea97b3-00616d2a12
x-amz-id-2: tx564ad509a99944bea97b3-00616d2a12
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRqNa6tNicMRc2gyzHSM3%2F4Wmq6j29mQAS2VES6hHcBJWwzoJQnT2HI4dthIkpFSOebNFFShh0SdMDpdKf4gyVvBJTtCxA6%2Fkc4wKUk2n%2BIp42JSGML2i6K9k717zgU%2FlQPY4EI2IKYNuku4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6aa0314c383c5c2c-FRA
access-control-allow-headers: Authorization

GET

csync
sync.adtelligent.com/ Frame 50D5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c7f86846-a4c7-4f62-952f-1995e0f837cc

0
0

GET csync
sync.adtelligent.com/ 0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 157ms
48ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:24 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 106
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 unian_intext_desctop.html Show response
vid4.tsn.ua/adv/Adpartner/ Frame BB2F 1 KB
764 B 206ms
33ms Document
text/html 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=d480ed83-98fa-4ce9-9a47-edaeff730fe4&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fd480ed83-98fa-4ce9-9a47-edaeff730fe4%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIyLCJzaG93X2lkIjoiZDQ4MGVkODMtOThmYS00Y2U5LTlhNDctZWRhZWZmNzMwZmU0IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D739d88a141617e97ae5b5b53b8c7a886&bannerNum=64151164413134060
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.384
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1c9346a5da669907a5eecf3b7ebdb4e8b99188f9c3a8d00ea1f60bf254e04e4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 07 Feb 2019 17:07:46 GMT
expires: Sat, 06 Nov 2021 18:00:24 GMT
cache-control: max-age=300
x-1p1-cdn: HIT; Fri, 05 Nov 2021 19:16:34 GMT
content-encoding: gzip

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame C79C 0
139 B 36ms
36ms Document
image/gif 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25229546a155-84ea-474a-8de9-49e781fd2c56%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A475542%252C%2522rule_id%2522%253A38590%252C%2522show_id%2522%253A%2522d480ed83-98fa-4ce9-9a47-edaeff730fe4%2522%257D%255D%252C%2522unit_id%2522%253A2563%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d480ed83-98fa-4ce9-9a47-edaeff730fe4%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwww.unian.ua%25252Fincidents%25252F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:24 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache, no-store, must-revalidate no-store no-transform
expires: 0
pragma: no-cache

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.unian.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 51ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.unian.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
23 KB 536ms
536ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=253465796746574&correlator=1640423327853939&output=ldjh&impl=fifs&eid=31063206%2C44754276&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211106&iu_parts=82479101%2CDisplay_Unian.ua%2Ccatfish%2Ctop_1180x120%2CDisplay_Unian.ua_300x600_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=1440x180%2C980x120%7C1340x120%7C1180x120%2C300x600&prev_scp=PageType_Unian%3Dwww%26PageRubric_Unian%3Dincidents%26PageSubRubric_Unian%3Dempty%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CPageType_Unian%3Dincidents%26PageRubric_Unian%3Dincidents%26PageSubRubric_Unian%3Dempty%26PageRegion_Unian%3Dempty%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CPageType_Unian%3Dincidents%26PageRubric_Unian%3Dincidents%26PageSubRubric_Unian%3Dempty%26PageRegion_Unian%3Dempty%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636221324&dt=1636221324558&dlt=1636221321979&idt=754&frm=20&biw=1600&bih=1200&oid=2&adxs=80%2C-9%2C-9&adys=1020%2C-9%2C-9&adks=1240459465%2C2077371719%2C3007306923&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.unian.ua%2Fincidents%2F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C0x-1%7C0x-1&msz=1600x-1%7C0x-1%7C0x-1&ga_vid=539206431.1636221322&ga_sid=1636221325&ga_hid=787387829&ga_fc=true&ga_cid=1417444904.1636221322&fws=512%2C2%2C2&ohw=0%2C0%2C0&btvi=0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

42639360280f0212ba607cd8cf6113234e7fb4b86deffd1fca023d87b9124f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23129
x-xss-protection: 0
google-lineitem-id: -1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 322ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cd10ac1f974a26ea93779748deb7c46962118db16562d3e1247bb20713bcc1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9172
x-xss-protection: 0

GET
H2 200 container.html Show response
287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8286 6 KB
4 KB 65ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:24 GMT
expires: Sun, 06 Nov 2022 17:55:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 unian_intext_desctop.html Show response
vid4.tsn.ua/adv/Adpartner/ Frame ECA4 1 KB
764 B 33ms
33ms Document
text/html 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=c002590c-f24d-4a89-af9e-de1f158e3e17&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fc002590c-f24d-4a89-af9e-de1f158e3e17%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIzLCJzaG93X2lkIjoiYzAwMjU5MGMtZjI0ZC00YTg5LWFmOWUtZGUxZjE1OGUzZTE3IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D73150f527bd8f101488bf031829de61a&bannerNum=47020781562100056
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.384
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1c9346a5da669907a5eecf3b7ebdb4e8b99188f9c3a8d00ea1f60bf254e04e4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 07 Feb 2019 17:07:46 GMT
expires: Sat, 06 Nov 2021 18:00:24 GMT
cache-control: max-age=300
x-1p1-cdn: HIT; Fri, 05 Nov 2021 19:16:34 GMT
content-encoding: gzip

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 0276 0
139 B 37ms
37ms Document
image/gif 77.120.110.196
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25229546a155-84ea-474a-8de9-49e781fd2c56%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A475542%252C%2522rule_id%2522%253A38590%252C%2522show_id%2522%253A%2522c002590c-f24d-4a89-af9e-de1f158e3e17%2522%257D%255D%252C%2522unit_id%2522%253A2563%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522c002590c-f24d-4a89-af9e-de1f158e3e17%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwww.unian.ua%25252Fincidents%25252F1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.110.196 , Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 196.110.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 06 Nov 2021 17:55:24 GMT
content-type: image/gif
content-length: 0
cache-control: no-cache, no-store, must-revalidate no-store no-transform
expires: 0
pragma: no-cache

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BB2F 79 KB
27 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vid4.tsn.ua
URL: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=d480ed83-98fa-4ce9-9a47-edaeff730fe4&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fd480ed83-98fa-4ce9-9a47-edaeff730fe4%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIyLCJzaG93X2lkIjoiZDQ4MGVkODMtOThmYS00Y2U5LTlhNDctZWRhZWZmNzMwZmU0IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D739d88a141617e97ae5b5b53b8c7a886&bannerNum=64151164413134060

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1036 / 166 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ECA4 79 KB
27 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vid4.tsn.ua
URL: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=c002590c-f24d-4a89-af9e-de1f158e3e17&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fc002590c-f24d-4a89-af9e-de1f158e3e17%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIzLCJzaG93X2lkIjoiYzAwMjU5MGMtZjI0ZC00YTg5LWFmOWUtZGUxZjE1OGUzZTE3IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D73150f527bd8f101488bf031829de61a&bannerNum=47020781562100056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1036 / 719 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ECA4 346 KB
116 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BB2F 346 KB
116 KB 20ms
19ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame ECA4 107 B
165 B 319ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame ECA4 107 B
165 B 318ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ECA4 47 KB
14 KB 338ms
338ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3505968375036872&correlator=1963867266622564&output=ldjh&impl=fifs&eid=31063136%2C31063206%2C31063280%2C44754276&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211106&iu_parts=82479101%2CDisplay_Unian.ua%2Cww_300x250%2Cww_300x250_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&eri=4&cdm=vid4.tsn.ua&bc=31&abxe=1&lmt=1549559266&dt=1636221324722&dlt=1636221324610&idt=101&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=604&ish=354&oid=2&adxs=2%2C304&adys=2%2C2&adks=3661458788%2C2662256552&ucis=q016or7aansa%7Cuu0fuqwhnhhq&sps=url%2C%2Chttps%253A%252F%252Funian.ua%2Chttps%253A%252F%252Funian.ua&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvid4.tsn.ua%2Fadv%2FAdpartner%2Funian_intext_desctop.html%3FadId%3D475542%26unitId%3D2563%26showId%3Dc002590c-f24d-4a89-af9e-de1f158e3e17%26link%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F2563%252F475542%252Fc002590c-f24d-4a89-af9e-de1f158e3e17%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIzLCJzaG93X2lkIjoiYzAwMjU5MGMtZjI0ZC00YTg5LWFmOWUtZGUxZjE1OGUzZTE3IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D73150f527bd8f101488bf031829de61a%26bannerNum%3D47020781562100056&ref=https%3A%2F%2Fwww.unian.ua%2F&top=https%3A%2F%2Fwww.unian.ua%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250%7C300x250&msz=300x-1%7C300x-1&ga_vid=1585687943.1636221325&ga_sid=1636221325&ga_hid=559295235&ga_fc=false&fws=260%2C260&ohw=300%2C300&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d9c75caf86c7ec9d0b0ec9fedd0a6cf9613884ffdf541ca27da01cf7408c6d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13874
x-xss-protection: 0
google-lineitem-id: 5817304204,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368763931,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vid4.tsn.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 649D 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:25 GMT
expires: Sun, 06 Nov 2022 17:55:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BB2F 107 B
165 B 300ms
25ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BB2F 107 B
165 B 299ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BB2F 72 KB
21 KB 425ms
425ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2911960870523323&correlator=1507112230885365&output=ldjh&impl=fifs&eid=44754276&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211106&iu_parts=82479101%2CDisplay_Unian.ua%2Cww_300x250%2Cww_300x250_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&eri=4&cdm=vid4.tsn.ua&bc=31&abxe=1&lmt=1549559266&dt=1636221324751&dlt=1636221324601&idt=137&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=604&ish=354&oid=2&adxs=2%2C304&adys=2%2C2&adks=3661458788%2C2662256552&ucis=cpsfhpwthzyd%7Cfpn8b9b15ce6&sps=url%2C%2Chttps%253A%252F%252Funian.ua%2Chttps%253A%252F%252Funian.ua&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvid4.tsn.ua%2Fadv%2FAdpartner%2Funian_intext_desctop.html%3FadId%3D475542%26unitId%3D2563%26showId%3Dd480ed83-98fa-4ce9-9a47-edaeff730fe4%26link%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F2563%252F475542%252Fd480ed83-98fa-4ce9-9a47-edaeff730fe4%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIyLCJzaG93X2lkIjoiZDQ4MGVkODMtOThmYS00Y2U5LTlhNDctZWRhZWZmNzMwZmU0IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D739d88a141617e97ae5b5b53b8c7a886%26bannerNum%3D64151164413134060&ref=https%3A%2F%2Fwww.unian.ua%2F&top=https%3A%2F%2Fwww.unian.ua%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250%7C300x250&msz=300x-1%7C300x-1&ga_vid=793948014.1636221325&ga_sid=1636221325&ga_hid=437563187&ga_fc=false&fws=260%2C260&ohw=300%2C300&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

875856a2a0cc9513db44de580cc41df946f32d21ec023974161fb9e54128b1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21280
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vid4.tsn.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94F9 6 KB
3 KB 30ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:25 GMT
expires: Sun, 06 Nov 2022 17:55:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2A8D 12 KB
5 KB 319ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 15:37:07 GMT
expires: Sun, 06 Nov 2022 15:37:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1765 783 B
970 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7824dfdfc9df9b70e3f5dafd710c25649f88f15aa273379d25d5bb703738a26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1RghARxvNll7rLHbrPp34Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 17:55:25 GMT
date: Sat, 06 Nov 2021 17:55:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1RghARxvNll7rLHbrPp34Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1765 0
0 74ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=253465796746574&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ECA4 12 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3acfa79d1f7530615c55d9293cee723bc7413382fe1e84e181a50d7d3b252b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9295
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BB2F 12 KB
9 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abdf5bf45dfb57a01924ff257bcfa6956e01d669ea075a048fe8af8b621c7703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ECA4 17 KB
6 KB 245ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4FE 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssqQWiI37-5q7YIOxXZ59gyza1MRjNtQAVsksaVs63wCIIjhqcMBLNhg6M921MOn9W5s2HtYSkJS6SnUwGg65qbftMi3xOSM4KOz3Po189ZLD1bJ_446QY_CxX_jjOaOUEMYkaim9qjw3wJEIPUbwQz3XF827G60F7WHeSXEipxYwJ446VE1OB3lWqHcUOLVmNzF4xao1QGUT0_tGJ9Y8mUdQGvLg-OESqTQHJK1lXPtl9uDf8g_CIT1dNC1qSS4CDt5T-LV0RNygxPWxIq_PKOJGVeI8JEP9O5zmnbAV13ODnrhLOmz2QHK32M9biiDa-ldcGQC4&sig=Cg0ArKJSzCRdWa8pszWrEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D4FE 3 KB
1 KB 208ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:45:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4FE 120 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 2245889475191380001
tpc.googlesyndication.com/simgad/ Frame D4FE 141 KB
141 KB 211ms
22ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2245889475191380001

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

777491505b6a95c2cd043068004a4dde473848e5de3dfd3391a9a14ede26cfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 18:19:25 GMT
x-content-type-options: nosniff
age: 171360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144294
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 12:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 18:19:25 GMT

GET
H2 200 container.html Show response
791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB67 6 KB
3 KB 308ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:25 GMT
expires: Sun, 06 Nov 2022 17:55:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BB2F 17 KB
6 KB 224ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 container.html Show response
287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2183 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:24 GMT
expires: Sun, 06 Nov 2022 17:55:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D4FE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce779517554adeb14f6595994de8f3c285d4b02eea9f991b0b566eb60eae29ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2183 2 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 16:43:50 GMT
server: ESF
date: Sat, 06 Nov 2021 17:55:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2183 2 KB
991 B 112ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:46:03 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2183 0
0 83ms
83ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Csbw-jMGGYe76OsWT7_UP2POUsAKeioOVZvC2gOvfC77l1byEGhABIP3_hSNglYKAgMAHoAGsoPvOAsgBCakCCL4yBLposz7gAgCoAwHIA5sEqgSCA0_QpGe67VqpGd_fTSJ93sC39-_9zM-prSiRma558Ih4oUT0IAF1365825ks9VHlCovRB_7cRlJ-lMzEKtpiMVAxHpCO-xyGBSbtfSA5_X-xVFv2izKuryQIlrTlit1fit9GBMYzEsWu0vG-IlKgiwzxGJusGYGlcFkzJzDCefy0P-zpx_9vhSDVzzILs37kYEQOVSmsEofw982MFp6j58_uD80xQ25VbGIX_8uORu4DoSUcUWe7ENImtvDFhds_RNnTw3W3a4E91Ve-N3tibgueqcofZhvfDPO_8YYjiR7Mz9SDvZq8V974UaInOAfgC-scAic3cZKXKrc72wLD4m01cWfwIB5WU60HPNgn43qTT3kqC__vps53YMUOlow-Nq0Tj232Hf277sCJ06fl3qMiB_gOgnVxp5iIcuwYKhjmlXJ-eSyXyNi4vFzmcFIbggaN-Dq--IkRors5oQgkrfVMNgpPornyooBrCutkPTkBRA63eiCqr2IpXbr7q15JJGjXwATQxKPUjQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvN-EsQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEOvKENIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=GW3F7oZS150&uach_m=[UACH]&template_id=494
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 2183 19 KB
8 KB 108ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:49:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2183 3 KB
1 KB 109ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:45:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2183 120 KB
37 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2183 15 KB
7 KB 107ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:43:30 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 2183 27 KB
12 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 31 Jan 2022 05:32:03 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame D6B1 190 KB
55 KB 74ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame D6B1 13 KB
5 KB 95ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame D6B1 89 KB
28 KB 85ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame D6B1 4 KB
2 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame D6B1 40 KB
13 KB 93ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D6B1 4 KB
693 B 29ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 16:48:06 GMT
server: ESF
date: Sat, 06 Nov 2021 17:55:25 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D6B1 3 KB
3 KB 103ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 17:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 86242
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:58:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D6B1 344 B
466 B 102ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 17327
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 07 Nov 2021 13:06:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D6B1 0
0 50ms
50ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4VNFjcGGYfuVCZuGjuwPsv6DgA288-jvZZ2tuZi0C-qf3KDUARABIP3_hSNglYKAgMAHoAHmxei-A8gBCakCLJ95z37Xoz7gAgCoAwHIAwqqBMIDT9B0naFNHczgYBwll9DcX1YPtvTs8alMzWTjTX8X6EvnZk-juJW96JNjCRlXr2SUjJQcACKyrsZbwUVERyyJE-S3Frh6cdZ6rM_yqkgXdjtLPj2TSftnuxjivdzzKtifZr0ffD80HVjBwg_IAA0M6DyWfV1_N1AxoEc8_zIOIAZFe-YVAKR7E6qzMgp1mH_D3SK1yFm12k473zIc_riGyTiO9sxGZJURPwV5A5z9qxMutfT77F1YNDVwX1ptpzqu4R4R-E8YHKwx4K1DyhVxPp1NS71nmt7v2qoWXxvMQFMEz_VrcDhQI47R9XDouDDwkNTzJAK95BA8-FP5hZq7c_6Z3t3PtyPv_1honCi7SatJi23R0PXJsIDMhQQxJan46JgeLwUEoHjdK9gnZ5C2ztzjnTbqTf9KYNbR31iQ9sBJMQ0o7aZD5yTOW_HsRwjKSK_icNyzMtuv7B0p-XgW8lvXOEgqgkFhQXpL0YhuUScIkPc3olCpwpIHBccC0rWh78Fu4ra9TEq4M1Di4TZ3Hx6Xodf-Eya2yyt3HzXdBV7WhPJ1PFzJA5rvo8FlVKWk9ynEdQyKLd-5a2tytjBK_jvHwATwo8yEggPgBAGSBQQIBBgBkgUECAUYBKAGLoAHgrqXQagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDy_gfSCAkIgOGAEBABGB2ACgPICwHYEw2IFAXQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=xRZVT-td7O8&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: vid4.tsn.ua
URL: https://vid4.tsn.ua/adv/Adpartner/unian_intext_desctop.html?adId=475542&unitId=2563&showId=d480ed83-98fa-4ce9-9a47-edaeff730fe4&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F2563%2F475542%2Fd480ed83-98fa-4ce9-9a47-edaeff730fe4%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjM2MjIxMzIyLCJzaG93X2lkIjoiZDQ4MGVkODMtOThmYS00Y2U5LTlhNDctZWRhZWZmNzMwZmU0IiwiYWRfdW5pdF9pZCI6MjU2MywicnVsZV9pZCI6Mzg1OTAsImFkX2lkIjo0NzU1NDIsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6Ijk1NDZhMTU1LTg0ZWEtNDc0YS04ZGU5LTQ5ZTc4MWZkMmM1NiIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D739d88a141617e97ae5b5b53b8c7a886&bannerNum=64151164413134060
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2183 27 KB
28 KB 46ms
7ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJi_yo9w1Fq7kjCmbcCMtXI5jd8uWi4UM6ESPXztRWob37Il-VIZ3_DngcMQ&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac038bdc9bf5707d7b112eec23f2bc6bfc652b90066b2899145aa0d0eb51971d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 07:30:00 GMT
x-content-type-options: nosniff
age: 37525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28109
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 01:24:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 06 Nov 2022 07:30:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2183 26 KB
26 KB 58ms
19ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSNcJbAgZCd17HdR0FCIQ9Uy41fScc7lwWjeHIYeALdaIdaphCB3cnRGVgRSu4&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845a576a15939601a214489ddc29abf14959686164af8bacbc1befc49f071d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 09:21:44 GMT
x-content-type-options: nosniff
age: 203621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26986
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 01:15:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Nov 2022 09:21:44 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2183 27 KB
27 KB 60ms
21ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTQyq9GlNcQtpXcL4veadsUXo_NhrhEp95nDNfjhPUXVV9vPXMWKynB9izDzuA&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba42d92d3598ec7696dd2f21e27068cf97f1a20f8f2a00c5b859ff490b824dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 13:45:59 GMT
x-content-type-options: nosniff
age: 187766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27525
x-xss-protection: 0
last-modified: Sat, 26 Dec 2020 01:01:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Nov 2022 13:45:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2183 22 KB
22 KB 56ms
17ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSA0jXHtpfm5iD-3CEwsle2Srwgi_4DXm-O7FxbVtC5hYD34lMioPGncxFr97Y&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

318c86635781f1756a9795c12d29b56c736a40651f4b2dba2323df92ccf7e076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 12:10:51 GMT
x-content-type-options: nosniff
age: 366274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22672
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 01:27:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 02 Nov 2022 12:10:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2183 26 KB
26 KB 52ms
14ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTW9YagpbX51AZGeYpLuzon8kl8CxcHCJZQaO7_QZ9h8zvOXv7polinyUmX4A&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c995f49f5b57b87006af5cafa44e4f4f7c4013ad9d8e158614114991d5b7d8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 20:31:05 GMT
x-content-type-options: nosniff
age: 422660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26696
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 03:21:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 01 Nov 2022 20:31:05 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2183 26 KB
26 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSJEggyLYo2G87p6oTG-doPQjKNa7QyNpof7aNHVZCIuVDY2ZCXjJBVkCgXDQ&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af566f7df8ecd17930e50b1b8388805d307f89d95da974ad7c60c36323f7a460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:34:20 GMT
x-content-type-options: nosniff
age: 177665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26374
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:29:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Nov 2022 16:34:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2183 24 KB
25 KB 45ms
7ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQuYqoIhfi9QjR5PTNaFNIUCu70PRlXgxzjiJ0iUWPsnv9AGKxc&usqp=CAI

Requested by

Host: 287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
URL: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71adbf9e064f0f63aa6e3bd571902f8344d05d5135742ad64bff8c8a83ee11a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:39:46 GMT
x-content-type-options: nosniff
age: 209739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25051
x-xss-protection: 0
last-modified: Sat, 04 Apr 2020 10:34:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Nov 2022 07:39:46 GMT

GET
H2 200 container.html Show response
7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B2AE 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 17:55:25 GMT
expires: Sun, 06 Nov 2022 17:55:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/3122352926767636123/ Frame D6B1 68 KB
68 KB 59ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3122352926767636123/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05ea97088e284bfb5392729793a7fa7eb42b24f12f39d5fff105b18f2a05aea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 04:00:13 GMT
x-content-type-options: nosniff
age: 395712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69363
x-xss-protection: 0
last-modified: Fri, 17 May 2019 08:50:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 04:00:13 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15575435274680014031/ Frame D6B1 2 KB
2 KB 63ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15575435274680014031/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a045b41075c780b6f768e682b50df103a4394256aaac46eedd05ba18a8157f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 12:20:25 GMT
x-content-type-options: nosniff
age: 452100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1559
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 23:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Nov 2022 12:20:25 GMT

GET
DATA 200
OK truncated
/ Frame D6B1 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D6B1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb8cab2f8ecc5c176cf98fc215565db0c9d6221b05ae785db6aaa13fe6af662b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D6B1 9 KB
9 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vid4.tsn.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:57:55 GMT
x-content-type-options: nosniff
age: 140250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 02:57:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D6B1 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vid4.tsn.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 173948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 17:36:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B2AE 0
0 96ms
95ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEYyQjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTMA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9Nk1fS0GuL1qxJxkOZtf4OLtQK9Yb4XbIp7swEnzC2eyePQcDeg7gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=RKUWc2Mn9bY&uach_m=[UACH]&cid=CAQSGwCNIrLM-OE_lVUuT_R-_cp1VdzmzZHJiDd9VxgB&tpd=AGWhJmsUdycYUNqpMkzfSJtgLkh8UmSCPcOXS_D8U2_IlN6pzYGBPzn3OGGOyCuCKWwZZRQk4thxbrPnGlhSeyFmtMhd9RkR8fUKYYRd-zKpHmynVuUgOzVr7ofiHOgiunIrFVh5Zav4FPnzTTL1-JLQLb6Db1C35eMOulnt_aoqNsG_Da6yPLoBOFJEec0-0eSiLxcYqxHu2U0FnNulbbBvyJxxf7iAvp-wXgKYGTP_7sS6ygfxYtN_PK3sqRaVwy9nAH7DW5S9zMg6u7lcNlA18tbhGd2SL7H3aEW6eCw9-V57hg2YY6FrlzefBKLL4yYMpE80Pt_jzhCCRYAbby4wrFcma3RXVRXa2zJutM_NcnhNMrio-YWcf7wP_hUbQRoj6JZsWKHqMydpqFqRHyzR_G_YrHa_NagG5Hb0LPuUKBJCJz0_7PXUWPyxqz5ZEKdAY3VlUU3em_UDnFuztZs43VTL2Gfhs9486X8QvZ35U0WiLlZrFzxC7a4pvelBwrpOUNDc8FoPU5cauKwURik8dvuZg6P6vZrHS4wP87LwIUi6P8b6wjzwmetZnk_Rp_pQKFNiuODpeRAtCBBSJVCVAcrxt-gqJFXXzxig-hpAgGPIsb62F3SccjHWVS-f4Wmtdt673LCnufTn8xCo1cBPBWfr6G4DvMfgevTYEDAOSnySEUHWAa6kXXNFuFNO8ytIYqXR4PMZZsVl2DUtHk1ax56Q_g-X26QW9zFB2usSyCg8DqcggBz-YxpkB18r5GHO1gbcEa26mABHQKMc2zFfbUNx9vt1tkfxM0eAu8lt7u6Ikyt7SJ0OVpkn7n_djqWocV6TEAu4mM7VkP9P5DzventrTP3B8Aj9CT1t7lZpcGXeWBNfyWCdOEKfaO3hkln_NTdM7sOUg1msICiHAs2_k0C6qkq6zH_8XnmS6yFzXWP3C7u3Fzs6o5sbm2cGGRqrWp-tv_IYqOhcPLMaO_bkcv-He-phkvgJ3LnX3WmMzBxTwgeeXVVAOt2XOfD4zS6GMRr-y9tOCBT19_VnfllqECEiIghmM7UIeFzOzsp2ybc35vcY_T88o0sxLTueGxtFgD7IdFLdxSX3FjQE4w
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame B2AE 3 KB
2 KB 65ms
14ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MDU5NjI2ODI4MjI1NTI2NzQvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY3dpdWpLZU1vajFmRXNaZ2YySExrQS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjA1OTYyNjgyODIyNTUyNjc0L2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/kTzvbdHVmJl0kPTwrwhbDXC0ozs&nodeid=351&group=cdg&auctionid=1605962682822552674&shardkey=1605962682822552674&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%26client%3Dca-pub-9138247653754533%26adurl%3D
Requested by: Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.1 /
Resource Hash: e2cbea412a2acc527bd96f368e459518d7b481de8538daceeb5e54b5880040d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1636221325
Last-Modified: Sat, 06 Nov 2021 17:55:25 GMT
Server: MMBD/3.208.1
x-mm-latency: 3 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x95, cdg-bidder-x48
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B2AE 3 KB
2 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:45:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2AE 120 KB
37 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame B2AE 15 KB
7 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:43:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B2AE 22 KB
7 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 19:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Nov 2022 19:20:50 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012110042008000/ Frame BB2F 20 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7332
x-xss-protection: 0
server: sffe
date: Sat, 06 Nov 2021 03:35:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d5fdbd4c4c0d534"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Nov 2022 03:35:28 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame B2AE 11 KB
4 KB 14ms
3ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1605962682822552674&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1605962682822552674%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: afe4e6e41096369d680df2cd4394efe6b1041ac27ad59d097cba135f714e7a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3596
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame B2AE 49 B
329 B 36ms
14ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1605962682822552674&node_id=351&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MDU5NjI2ODI4MjI1NTI2NzQvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY3dpdWpLZU1vajFmRXNaZ2YySExrQS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjA1OTYyNjgyODIyNTUyNjc0L2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/kTzvbdHVmJl0kPTwrwhbDXC0ozs&nodeid=351&group=cdg&auctionid=1605962682822552674&shardkey=1605962682822552674&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: MMBD/3.208.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x26, cdg-bidder-x48
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame B2AE 43 B
372 B 49ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1605962682822552674&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MDU5NjI2ODI4MjI1NTI2NzQvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY3dpdWpLZU1vajFmRXNaZ2YySExrQS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjA1OTYyNjgyODIyNTUyNjc0L2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/kTzvbdHVmJl0kPTwrwhbDXC0ozs&nodeid=351&group=cdg&auctionid=1605962682822552674&shardkey=1605962682822552674&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x6 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame B2AE 49 B
329 B 37ms
15ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1605962682822552674&st=4562306&time=1636221325&nodeid=351
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MDU5NjI2ODI4MjI1NTI2NzQvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY3dpdWpLZU1vajFmRXNaZ2YySExrQS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjA1OTYyNjgyODIyNTUyNjc0L2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/kTzvbdHVmJl0kPTwrwhbDXC0ozs&nodeid=351&group=cdg&auctionid=1605962682822552674&shardkey=1605962682822552674&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.39&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: MMBD/3.208.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x41, cdg-bidder-x48
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4FE 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXuHfMVpiHxEPwTcT5FNML3_qHSwTz7kSgD_cT7G3htBYkY-pnk0m12N0hKw7Ryf-6N86UCOtlsfCCnOsGrj8HKdgWmhmrIIFHUPS1_MLkPgUVitoBqB7EOdovemy5aPK-dCzTpOtpXZkrOstmsn7m70CeUayeDqzCtw_0CXS_-WWpaYORiiTXV_lvvGyPa9Kk6Q1Z2aMHn9MKUEdklE1s_FXquWVDl5JNZo95IE0bKlVqljAwplMn6b2yWfhZQRCp-PYVo9Lqnsa3sZ7kz8yzak1DGQUSm41Sj25OusIynyxzbNp2lNIYbB1jmT8qHEQJ72x4kbFwuw&sig=Cg0ArKJSzJJYSyGyazinEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 17:55:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3599 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 15:37:07 GMT
expires: Sun, 06 Nov 2022 15:37:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E23 783 B
739 B 16ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da0e1199aa1e3263dfe76eec2113380290886d04faf068450fa81e7d4747edf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Naqj5NLIfUjhpU+dmXYwBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 17:55:25 GMT
date: Sat, 06 Nov 2021 17:55:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Naqj5NLIfUjhpU+dmXYwBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2183 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcfe0d1ee2da41e7731b4be9b70da80c4557c9ad613003d4dad2795b419a946c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 2183 20 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:10:26 GMT
x-content-type-options: nosniff
age: 150299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 00:10:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 39A0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 15:37:07 GMT
expires: Sun, 06 Nov 2022 15:37:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A45F 783 B
739 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0504818babae77ab3df4970906222ba44b331ebe923e55a0c602c1e7725ea920

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AO2Q9cKoCfRiAEvBvIZuOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 17:55:25 GMT
date: Sat, 06 Nov 2021 17:55:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AO2Q9cKoCfRiAEvBvIZuOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D6B1 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 17:58:03 GMT
x-content-type-options: nosniff
server: cafe
age: 86242
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:58:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D6B1 344 B
405 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 17327
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 07 Nov 2021 13:06:38 GMT

GET
H/1.1 200
OK request.php Show response
hal900024.redintelligence.net/ Frame B2AE 4 KB
2 KB 69ms
54ms Script
application/x-javascript 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5466d60215&subid=&uid=5282444e688924fd&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1605962682822552674%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3447698939032&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1605962682822552674&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1605962682822552674%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d7c40ea6d5cd70e8fcf344e562b39eed818e70fbf338e3d5d286ed32485c1456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 49357200126512300951393011770024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1265
Expires: Sat, 06 Nov 2021 17:55:25 +0100

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EB67 0
0 96ms
95ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTZx3jcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTMA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdM58zver4LVTsIXfromXRpfePjw2Fit9DVdCuFG0lAzScrdk-6qbgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=zu0HTDpQPJ0&uach_m=[UACH]&cid=CAQSGwCNIrLMsE8RW0xIcUYBNS7w9z1HdIwcws7A-hgB&tpd=AGWhJmuVX6oWaalBtM8Swo_VkaHqRdblVeqLFeRr1pwJROeHsFgqxvSs5_eb8PNRbYaD0zPpcP-BPIqQvV9M2-lyXm5QWf5Jxd-b67bGVKi3ghIt6nfitZEbCY0tQVthaHXxSV3d0Vesjf5f1Rug0_gAoxnO8ez-2kr4XUOK-425m180P2pxhTnMNKdRbjt2Mm71xFHAHweRGkcAVUyJZw86twF662tBVdLd4t2S53qh-yAY-Ob-d1aJML0LblACjB6zduAylh79rErv-9xYRjbcHToaTMhALnDb3zhpeNA-VDUz17HeTclR50DSkZggjOFWiAicGYdzXOpI2g3SwQueo9j4kJaurNyiZ4k5WR0Y8z074N-teucgtenE7Nyw-gSP32_e95SroUIPX0RGO9d2NqaM7Fu-wiYgdgyE9nk3qmI5yWACMkiSkYCz_ieFOJtqNG8JZlj0y4d7FEtaiA5lwoM55g3pI5aAosa1roIwwFkwA0m9ZgmYZ4q_LEh_cMpWrmWUu3_jT4E6bWnx7aT5-9TxCLLKx1iAkY6puayjnVrh3TkJjI3k0VrDlAvHK4xXJe0LHpC9k0exZIaG2VS3L6D-HVMn_ZBxNtii_d1ZJQkJQ1TWhzVnHdmEzGCQ8PTeOISzYsRGUqK9mNVGoEnur8LQAQEjzND2NqxUwsJm7T0fh08_LhwLra-4vWNvqdO2bg16y1YhEwjMv2qrVPX6bGjFDMAwHtNpxkeGl4SzVbBc8lnGdpz0FnvFqGzIFyHhq3Rsx739nPJ6Ndx0WzC-NUH9Xr6F5PjE34349RGsJ0SQaGNPPJ7azEQn9j5dVUYdzjoEj9QJi8D8ERZiOBI6-Ep0Db5xMtHQSN74B9zhMPQSdrzhXtEgtb4zzMkoKIdoKpIBmSPUlSCNuU692IKGWj7lmuPZ3k1N0CatUdjg86RYUcY91U5Sr9innZzWMsQNZ_6dRxEj8JOhjzLRT3-6C27D0NJxlEgfoR4HF6YPGxhaB66J5-O-65CwmK0sZzy_oLIOoBqf-y2EkhJ9Gs85JswOGDfiRANK3oUGqDr7sJlZW9d-c0iMy9vhIfieU-sjYhrV_JDsvUJkCe0uJA
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame EB67 3 KB
2 KB 22ms
21ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTc2NDg3MDEyNDk5NDAyMjMvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItZUc5U2lKS3R6eDlRUWtYbEc5WTRBMC8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE3NjQ4NzAxMjQ5OTQwMjIzL2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/rSBgvlNA7j6cZDrjUZDlgyr2uEQ&nodeid=351&group=cdg&auctionid=6217648701249940223&shardkey=6217648701249940223&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Requested by: Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.1 /
Resource Hash: 79acf501d6d8f59bfa0d9ad6418ed57326482636f87a5f319d1a8e0562346f3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1636221325
Last-Modified: Sat, 06 Nov 2021 17:55:25 GMT
Server: MMBD/3.208.1
x-mm-latency: 10 (7)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x90, cdg-bidder-x48
Connection: close
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame EB67 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:45:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB67 120 KB
37 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame EB67 15 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 17:43:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EB67 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 19:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Nov 2022 19:20:50 GMT

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A8D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E23 0
0 57ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=3505968375036872&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A45F 0
0 56ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=2911960870523323&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3599 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 39A0 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
203 B 194ms
193ms XHR
text/plain 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454505/wrapper_hb_298309_4142.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.unian.ua
Date: Sat, 06 Nov 2021 17:55:25 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame EB67 11 KB
4 KB 6ms
3ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6217648701249940223&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6217648701249940223%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2bc88b4ca34ef8cee9a268733ec01622d06d024fa4446230ab42b0677785ee51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3597
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame EB67 43 B
373 B 26ms
25ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6217648701249940223&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTc2NDg3MDEyNDk5NDAyMjMvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItZUc5U2lKS3R6eDlRUWtYbEc5WTRBMC8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE3NjQ4NzAxMjQ5OTQwMjIzL2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/rSBgvlNA7j6cZDrjUZDlgyr2uEQ&nodeid=351&group=cdg&auctionid=6217648701249940223&shardkey=6217648701249940223&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame EB67 49 B
330 B 14ms
14ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6217648701249940223&st=4562306&time=1636221325&nodeid=351
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTc2NDg3MDEyNDk5NDAyMjMvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItZUc5U2lKS3R6eDlRUWtYbEc5WTRBMC8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE3NjQ4NzAxMjQ5OTQwMjIzL2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/rSBgvlNA7j6cZDrjUZDlgyr2uEQ&nodeid=351&group=cdg&auctionid=6217648701249940223&shardkey=6217648701249940223&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: MMBD/3.208.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x100, cdg-bidder-x48
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame EB67 1 KB
1010 B 52ms
14ms Script
text/javascript 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXpJNU5XUTVZakF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTc2NDg3MDEyNDk5NDAyMjMvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItZUc5U2lKS3R6eDlRUWtYbEc5WTRBMC8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE3NjQ4NzAxMjQ5OTQwMjIzL2Ftcy8wLzI4NC83OC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNjIyMTMyNS8xNjM2MjMzOTI1LzQvcHViLTkxMzgyNDc2NTM3NTQ1MzMv/rSBgvlNA7j6cZDrjUZDlgyr2uEQ&nodeid=351&group=cdg&auctionid=6217648701249940223&shardkey=6217648701249940223&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%26client%3Dca-pub-9138247653754533%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0 /
Resource Hash: 2666994c593f37585b5f4e8b5f5c655c78b290b8964d8de1cf245bcd6b21ec5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip
Server: MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Sat, 06 Nov 2021 17:55:24 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4848
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49357200126512300951393011770024&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

46ms
25ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49357200126512300951393011770024&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5466d60215&subid=&uid=5282444e688924fd&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1605962682822552674%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3447698939032&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 06 Nov 2021 06:55:25 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 06 Nov 2021 17:55:25 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.21
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49357200126512300951393011770024&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: 88F3C653:BBFD_91EFC182:01BB_6186C18E_5FD1C94:627A
X-IPLB-Instance: 40027
Cache-control: private

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame B2AE 1 KB
2 KB 281ms
124ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=49357200126512300951393011770024&js=1&nw=1
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 161d220dab8a7aa5b0e6373527b4a445d1e1bf990dbfd802ce495771887430e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Last-Modified: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432 Show response
8019191.fls.doubleclick.net/ Frame 659A
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432?

392 B
347 B

49ms
35ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432?

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

1e37507ed2ea5297e67bfecd7baa250cd483e4ff4865e0ea866676c815e8b0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 06 Nov 2021 17:55:26 GMT
expires: Sat, 06 Nov 2021 17:55:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 06 Nov 2021 17:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame C456 7 KB
2 KB 6ms
3ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5466d60215&subid=&uid=5282444e688924fd&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1605962682822552674%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrChGjcGGYfyVCZuGjuwPsv6DgA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_Qn-astwKFns0Q7tx4Wxm_Fa2t7jFYr7Ill8xL5FG0e3MdNMBcV7B5vEVoWgTTFW9cphBtLqzAPrzRZZ-2Y_c5R_Py6bK0dB8tCEvx24n5Olyglj5itZuD92b3_a8SYINIPyyx7qXtCRosHNTW91LiCfFndPPRkY4Qtr5KnP_X3Rxyxb9m6Irya-oR5lK52cCEj5kemd3YTenhooOuLzFqbcl2ec_iR6B6_ZI5BsyiCdUtEJoNvRH-iDtNfjHBqb2PIbOcNm6KUNmnOYjMQF7CXUeDJwU07F6xbhpIdN-eX1ZmI43svyAzxT4Kvu4k_lwSnQVe9dlo-r2exs8qdsLERpRaUxQM5lS5MBqj8fGVkm91y6lhqMkGQzJKdmkC5bDzFbxwjTsnyxbU6cRh2e7LVeMRrkHqdSjMrhmtzUxCrfAc_CEspnSz06NazZUCZHqw4PKkyFNIqXKmmOYENlDgGGHZb6GRySW8OhuDaUXoJVSAng5ntX-S6CltZRB0m7EATwEU6poc0XnMdD0yzL5lHpJW5EYsstnVcLmtzlOFIEb452N9dE9-2e0Si108g1GlvpdXyKZEIWoRz24pGntwvYZjx8CGk56_fYPM4-_gBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nkEWYCh3yryWe8LKa6x3_xquY6g%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=3447698939032&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 73973adea2d6aadfa924013a26aae5cd9b3a39f476b5b9b01b12c8465e5effd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/

Response headers

Date: Sat, 06 Nov 2021 17:55:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 06 Nov 2021 17:55:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2063
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame B2AE
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49357200126512300951393011770024
https://ad-server.eu/wm/pb/native.png

68 B
312 B

163ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:59:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: 88F3C653:BC15_91EFC182:01BB_6186C18E_5FD1C99:627A
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B2AE 43 B
704 B 119ms
98ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=49357200126512300951393011770024&pv=1

Requested by

Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK request.php Show response
hal900014.redintelligence.net/ Frame EB67 4 KB
2 KB 74ms
59ms Script
application/x-javascript 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=7d5f66e76b&subid=&uid=a4a02526b073cbca&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6217648701249940223%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7850819425885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6217648701249940223&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6217648701249940223%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: b82abf7e35509fd2be23246eb3efc8c0ae6b204ec022b73f4e5efc04d40d1054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95347300106830800951393011770014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1264
Expires: Sat, 06 Nov 2021 17:55:26 +0100

GET
DATA 200
OK truncated
/ Frame B2AE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a358c2cb3def255184a978ff00887a7f761e8116e0976821d796a924f6efa505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame C456 4 KB
746 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 17:00:51 GMT
server: ESF
date: Sat, 06 Nov 2021 17:55:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 17:55:26 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C456 16 KB
16 KB 6ms
3ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: de1b987a249f4e7b0422a805c7838599b34595c68c7016d5a771fdc22eb28ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C456 17 KB
17 KB 6ms
3ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e7b60d2b5113d75c21acfd595ff19dbe9aeedd9f9c3b4e4c262544164beb89b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C456 16 KB
16 KB 6ms
3ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/affiliate-panini-paw-patrol-disney-banner-1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bfd6b496929b3e56950cf0d2bc6d5f24a928dc8269784722d0098fbba674b491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16332
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 609A
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=95347300106830800951393011770014&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95347300106830800951393011770014&actionid=731824&produktid=businessgiro&dt_url=

0
200 B

51ms
27ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95347300106830800951393011770014&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=7d5f66e76b&subid=&uid=a4a02526b073cbca&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6217648701249940223%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7850819425885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 06 Nov 2021 06:55:25 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 06 Nov 2021 17:55:25 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=95347300106830800951393011770014&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: 88F3C653:BC09_91EFC182:01BB_6186C18E_5FEA3F5:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame EB67 1 KB
2 KB 264ms
116ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=95347300106830800951393011770014
Requested by: Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 74dae20e39b2a5f54f8ace18608b2394cbe2a4d0ea3750c881431f7e9a1782cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Last-Modified: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836 Show response
8019191.fls.doubleclick.net/ Frame BC8E
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836?
https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836?

392 B
348 B

133ms
133ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836?

Requested by

Host: www.unian.ua
URL: https://www.unian.ua/incidents/1474191-na-luganschini-pyaniy-okupant-osetin-porizav-pidleglogo-cherez-konflikt-na-etnichnomu-pidrunti-rozvidka.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

499acf32d7d7d2b70fd2c7853b1d606c2eea5c2d571d5b7cdcdaad9072dfbade

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 06 Nov 2021 17:55:26 GMT
expires: Sat, 06 Nov 2021 17:55:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 06 Nov 2021 17:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame CFC2 7 KB
2 KB 5ms
2ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=7d5f66e76b&subid=&uid=a4a02526b073cbca&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6217648701249940223%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_cid%3D3dc16186-c18d-4401-96b0-3a52d042c0a8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCEYygjcGGYZ3UCMCQ7_UPp4iBiA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgIDAB4IBF2NhLXB1Yi05MTM4MjQ3NjUzNzU0NTMzyAEJ4AIAqAMBqgTPA0_QgwHEiwzR4IR_vpXPE395Z6JU4rwD4nDCKii6PjvJ-rNZcnrr2LSo-6buSSMjCIfXm7SvXKOm-kXd7U8KbsaQ8bFoS3OI35Hi2wY96fMVsIeTGbcKwHDZ1hbf9OPsMuvzbKWx4qDnz8870gabRDbBy7LvE5fbRy45Czqb7-hKJr2bYGXGVPXSrXt5PPhE3BNrLP7Vwbu1TkfcaQN291wfby5n6iRc2BWI9hmSx0grAnSetcOmlCO1n5q9fBs1-0QHbK_xPQCrIBW6ui9EqzDVjGy6RVbL0U1NlKsTBGlO0c2psYFEbkxDzjaWUS4qk2RWCxwZzztLTXE95RYNTyFe1klvoyrB9sOLlWJn0oSJkyVJzRMte1OzFShkJkfI1vfDP-ZNK22M5r_BxE6c2523CFPBg5LWNzRmY9ppxys2MjDw5ZvQOaj1uNrkK3PKAcHTcefD0uHLnWzl9fw_EQRCkHPB95DMdi27et3ivVsgk88iWLQpoMfDqJCuy_2i4IgfkawjyC51lR3o_LSxwWHs_TmDCL_9ml_bQ5Xf5PIPIb6lELfdcZ0SL0ZEiVNhhT9AeiV-VeqbhbGPpMei6BDuu5eEHRiEA0CC7SvwkErgBAGABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3SnCE7W8pt_GT8Sk2Hc27lL4uAaQ%2526client%253Dca-pub-9138247653754533%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7850819425885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 0a1a193ed84eefa6b70a9253975ee7517bcb8141bd9b3703df59c6fe4e7cfdc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 06 Nov 2021 17:55:26 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2066
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame EB67
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=95347300106830800951393011770014
https://ad-server.eu/wm/pb/native.png

68 B
312 B

118ms
31ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:59:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: 88F3C653:BC09_91EFC182:01BB_6186C18E_5FEA3FA:2A265
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EB67 43 B
704 B 90ms
78ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=95347300106830800951393011770014&pv=1

Requested by

Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame B1A7 652 B
733 B 41ms
16ms Document
text/html 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=3dc16186-c18d-4401-96b0-3a52d042c0a8&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master cdg-pixel-x28 config:1.0.0 /
Resource Hash: 4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Type: text/html
Connection: close
Server: MT3 4067 88cc6bf master cdg-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 06 Nov 2021 17:55:25 GMT
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame EB67 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1831b0a8365f5b40833df780d8e9fe9595f4453b535161e46ab1ae9ca77c838a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame C456 0
150 B 4ms
2ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=49357200126512300951393011770024&a=3ea7ac03&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=49357200126512300951393011770024&a=493dd42e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame C456 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:12:31 GMT
x-content-type-options: nosniff
age: 128575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 06:12:31 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame C456 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:02 GMT
x-content-type-options: nosniff
age: 390204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:02 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame EB67 43 B
518 B 39ms
15ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by: Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 94ms
43ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:26 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Nov 2021 17:55:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CFC2 4 KB
723 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 16:57:45 GMT
server: ESF
date: Sat, 06 Nov 2021 17:55:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 17:55:26 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CFC2 16 KB
16 KB 5ms
3ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 97a4a6b7659219747581358924eca5219cc9f07d14418fe8fb340d05b61dd6cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16465
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CFC2 17 KB
17 KB 5ms
2ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e7b60d2b5113d75c21acfd595ff19dbe9aeedd9f9c3b4e4c262544164beb89b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame CFC2 15 KB
15 KB 5ms
3ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-fussball-1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 04782befa7a473d06847082858ec85783220a2fe1c409bd481227ecb222d7da4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15289
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432
adservice.google.com/ddm/fls/z/ Frame 659A 42 B
262 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKyOp7enhPQCFcgGBgAdaiAIGw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2124093748179.2432?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame CFC2 0
150 B 5ms
2ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=95347300106830800951393011770014&a=9cc0dd9f&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=95347300106830800951393011770014&a=85f2699b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame CFC2 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:12:31 GMT
x-content-type-options: nosniff
age: 128575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 06:12:31 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame CFC2 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:02 GMT
x-content-type-options: nosniff
age: 390204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:02 GMT

GET
H2 200 dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836
adservice.google.com/ddm/fls/z/ Frame BC8E 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COjLqbenhPQCFUSgUQodH4wDDA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2421877215505.1836?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame B1A7 43 B
517 B 16ms
15ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=3dc16186-c18d-4401-96b0-3a52d042c0a8&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master cdg-pixel-x3 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=3dc16186-c18d-4401-96b0-3a52d042c0a8&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 17:55:26 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 06 Nov 2021 17:55:25 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B2AE 51 KB
51 KB 50ms
10ms Script
application/javascript 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392345&wgcampaignid=99582&viewref=49357200126512300951393011770024&js=1&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-61.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 44758
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 06 Nov 2021 05:29:33 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: pZELuUCbwUmnkxUGjvhIK4-f6hi8V9h5BBIropE-GLuza6Kw5jlwNg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame B2AE 160 B
618 B 114ms
41ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=42365400122245600710624011770023&wglinkid=3392345
Requested by: Host: 7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
URL: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Last-Modified: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 160
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0F47 11 KB
5 KB 76ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.unian.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2568
date: Sat, 06 Nov 2021 17:55:26 GMT
content-length: 4685

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 74ms
27ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 17:55:26 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Nov 2021 17:55:26 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EB67 51 KB
51 KB 22ms
17ms Script
application/javascript 143.204.98.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392365&wgcampaignid=99582&js=1&nw=1&viewref=95347300106830800951393011770014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-61.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 44758
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 06 Nov 2021 05:29:33 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: pxz3JY1-oL5hb38a3qJE04t9iDNaeQDpFz5SH-QctesC2w7sSo2wSQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame EB67 160 B
618 B 113ms
40ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=89302200115062700951421011770006&wglinkid=3392365
Requested by: Host: 791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
URL: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 17:55:26 GMT
Last-Modified: Sat, 06 Nov 2021 17:55:26 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 160
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB2F 0
119 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=2911960870523323&bg=!9fal9rLNAAYH3anuB907ACkAdvg8Wmdy4ly7d7ConXqvTOqbd4IcbJCJSPBGfTnoYxsbDhgq1KpyOwIAAAHhUgAAABZoAQcKALXojPvWcEmMxr2zIMZw5n-cVI2VwHeptlhg5gGRs7kYSnKk4BwagxjzTtYgg9DoOIa6AZfts4GftQtvhMwUlJrDgPM1YQ7TtM5I4fMS9G_M2x2lyKmw2Qpsz_fQzKhTIZdNlDLWBZQo3UspGcQ9AyTe_kfa2l-ZFnUEB_obvaYGeAQGSv5SBVZ0Xh5CougqJ6SDv7YaA468GoU7ynNXQds8-9ISiWpELXsUBWqKKtg2cfyzQmSvmQLGlSA_WQvdVPLvbGEGx4AwsM8X5MyyJWjBfCdV4TsRY4GURFJzyApzZXzllWnLRAYCXubMteA6Y4v4dhSda2TygWev7bdE1H8EidW_GsB_cFGkALvxwTd0hDdquGuEtBQ-TaasgDeN86hBTT0nCjSYnJqVJFnzE-orXPEJZBSdMnDGSIA1vMSjiq27UCpfCee7Pf-IDpR2HAv4D9-df38wW8wyDBUwhuWlKc6mJ82XR15v5yek9QVimEhE9SwPzfxLd_f4Ku6jm3q3hZ0WxMlJRhTkIJ28YI4kskqES-ij_-m8sIxJdGn5QqVkg1UQWoXTFWAg3tG-QD5fxyUCRUC1E_dZRTwCdd1l1jMVfURedYPBEJmobHOl0b5RrTNqjhahzAXp_lJgbG-UKjipj70ZYoeGQRlCq5_-PvHR7zvjesl0q57xs8c2ZoITcoG7HChvdnigNUNaBIhg0A1dpfZu6mgUi8bOh8CNVb3yJuoC2quLAwb8C21tsj5n1Rwc8zPvw8d2kykQpHKoj-PUEMhPWGJqlaZQM6RH4MuWQwAC5sa9Do7QwtXYgYdXnuVWNf2Bh9QYBQRLFG4OcXWDUaOhUinv84tpx0ZtpwV-yl9DJ82lltFKuWWTjtHRi-P_RBCkeNsIysZXT03C3Jmw0hq2Tnl92y4uNmImz5BPuN948TUAC8yQD_guV1yZ5oWTkzUJQNx_XDJkE2Ab6SOdibnzyJtTwkMd4m0MSgSKLA0bRTlYa_gMYAd398dO2aL0uOdTY6SW3ViphS1Qaje7KEHCCZPQTnWhwIF5qAM5U6bNrcZ0sotrSeeOOi2FNJFB0NDNFFkFjVlxcQPZqjivHUZDAgSJtBoOuN2xkuRFGr5INAyiEABb_QzFuccG-F4FZUGUFRSIv_xpVOb0rKulA0-p-CA3PZY_Cjs1sl6-Qjj1uY5wBH0PU_M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECA4 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=3505968375036872&bg=!8fKl8rbNAAYH3anuB907ACkAdvg8Whw9nrT0H1fwBboOavBTibkpIS30e2OkU_B9AISTp0yVQ7rdTAIAAAIJUgAAAA5oAQeZAsw1zuf9yWYoXCI33kTrGtQIujEi6g0sNmac10hmN0Oir229GKP2Uv31afWUpH8SS7t63gm_dtDB18Td1CEJj5cArjPxSNi3R1iaWyvD6A20a11EARdr8JG8Qtc7Uzyxw7o41MwPUrBq_-F7TxTJ6jbrIPU5ARrtaV29GPS5gdPlJd2DLZlDYszvs3JhMPpMBMZBDmZJkGvAbCzRW7hugWYkqQiiXNc2YT-hUrscB8aX2YsUvVTnlLYSiiLJR9kPE5vr99uiT40smQDewf7utPYhoNxRpgByJKDrUATTHQKr1odh_Fn6voQO01Cd9m2chQwOEz5qXuHHdkZReHmqpFizQtH2bou9onG8sif5GtIVj94JDait185xT8tLlO_IxCv-sFyy_o_bsIFAlqG7E99d89qMtqNIGN0IYWpDAW58Kq9XFC8-3UnpOuBfWPJxNfglbJzHExLbUIBmUEpgnV0MW6ZByh_1hmQnA8azRPpK6dQ1UMF3YWBe8WQVt2zQrwGxtC5-qJMtGCX5p8nFeV7yi8GyhI3LmamEMKWhDhAhnCN0W5lW8RhtfuDYz-s5nmIqpIT2Oha-H-uQ_-Mx7LA1_S3H4HmnC5j6QLMLPmUQ4o3cpb0obExA8eEBGqv0xFCK3wrQT6z6ehi2wpip5SMjOjifkf-jCBDEOj2LwKeZmlm8-9oYSkX9W4m95xtgRPgr521eJOi9U62z229Slw1wHpJuMTLpZGLGY_Rzv5ENRqD5vbj1S5YO7m7S0P5b26hQxye3oja4ddjncdN8GtBO4w038UqAxbmYULUmjjsrV-7brIjK3-LRyFkfbhf33ukJTAdderUwfFLWoL6dxvvpA6WBwC9e8eLuLLDRlsA_D5LXFGAUAPcZFUk0mAPRqEGswgUBKrdtbdyqdaST-5c4U_BXXIVWQkatzL6UeSmk9odgs61F2Ny4tjbOfg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=253465796746574&bg=!7-yl7KjNAAYH3anuB907ACkAdvg8Whb34HMf0_m-eTw5eLT9XSymp1UhN7XbJbk7tGncsXIcsAqaVAIAAAJIUgAAABVoAQeZAqXl29M1ttv4ZagIWup929ASreB_WZ4_7Q55qEd4d7td0hzFzK6DSCs0lRrZXW4SixisypSPN9EsBxRqZrcEZr8ob1GhdQJFbzjt-VuAzXzNDKboLWa7evOcweD_5yTyndEobYcQR7Z0mMSm4h-5VAGmpgxi4euo6xx6_Xw64aGlvGEW65x6MihsQ2JZYLYlwaVsqNLtmha1fF41_v1D79xcgRCADIlxVtbkJJaEZEmduhvSXF70Hw1Zvs_WMzd0aLLsHcT-W11ZP3krPSshit2chO4JJ325ISoKL1YS5RwWuWPTeBGM6PO_SxXxQBu33EED80mDWrjc-_kkGmjKZe3R8IFnj5XKX-jMtVmJ0zyvFOT2icO7-5e21Rhwvc4oSBuBm0WiTUaUql_370a0nZ6RWIjmJMDirBfkzQz8HtxMvIq7_r71sd92SLK92LV9Z6Y6jkNiBb05cbum--v0dfjyusgjBwMDh4R9q45hjKZJjQN_fWyP5zOIEKOU17pD3AHr28TZJovUhMrOrw47JFMFQh2YTHHR9VOhibONZu769sj34faLNRGJCeafXlKPClrig7f_00KMRrgRlKGxGiwlOg08a_IV5dqrpFrMpnQyjQdoFY8pxEHNsijb_67YktRiu58QEyXtbDE0v-EUL67i6bPZ0jgBqJGWfOaKHSlZWs9Y2iqjALrEyybGw1r3GNU9u3JtOwzNBZKnhMJAr1bg5_eMYt4oECd9bvS16Abwmc8FSQOpAjVfVThOeZONVRScEG5lfGDhAZw1DJHpA91CZ3RitNtTsEx8uuCiap3ixdy_0g0kj1IDJL4ytJInw8hvxN5FQAn5UZUiPZ3xtacHJ1neHebhX6mqjYx1AcL0BZbnfjHiWNgbY5qTAtJNs_N_MbvqVA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0F47
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=unian.ua&sn=ChromeSyncframe&so=0&topUrl=www.unian.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Wt302XxrYWdTN0x3TmVmcVREU3o0VTM2TkpaOW9FQUpTSnY4aFNoVEtqMkxON05PeVlPMTgrYk5NTE45UFR0RHgzbjg1QlliWEF6RFlYWWZuNVk1clM5a1lnbUxJTGkraVNkZ3VvS2FBdncxNzhTaU1ZRnhFYmxvTDQ4Qk...

428 B
622 B

62ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Wt302XxrYWdTN0x3TmVmcVREU3o0VTM2TkpaOW9FQUpTSnY4aFNoVEtqMkxON05PeVlPMTgrYk5NTE45UFR0RHgzbjg1QlliWEF6RFlYWWZuNVk1clM5a1lnbUxJTGkraVNkZ3VvS2FBdncxNzhTaU1ZRnhFYmxvTDQ4QkJ3N2w0K2FTdlRHU2pobUdPdXRzcXFVYzF0d2NueUkwUDlSNXlGUzl6a1M5ZnZ4MmNPRjhkNkYycnR6ZUdJck5VMWxxakZ1WkxYeTN2YjdvbzA2dFdGTkFSai9qUTk4U2ZGcVNYOFpSdnZOcEg0V28rMnNLSEVJS3BwdUllWFlNcGxxOE9DcThqYll4S1Q5NHVKTGh3R2NOUFRlWkFWdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f9250ee6a9b06c346b6480df3bedef833fafdce15e097135788e2106df8c3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 06 Nov 2021 17:55:26 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2635
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 06 Nov 2021 17:55:26 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Wt302XxrYWdTN0x3TmVmcVREU3o0VTM2TkpaOW9FQUpTSnY4aFNoVEtqMkxON05PeVlPMTgrYk5NTE45UFR0RHgzbjg1QlliWEF6RFlYWWZuNVk1clM5a1lnbUxJTGkraVNkZ3VvS2FBdncxNzhTaU1ZRnhFYmxvTDQ4QkJ3N2w0K2FTdlRHU2pobUdPdXRzcXFVYzF0d2NueUkwUDlSNXlGUzl6a1M5ZnZ4MmNPRjhkNkYycnR6ZUdJck5VMWxxakZ1WkxYeTN2YjdvbzA2dFdGTkFSai9qUTk4U2ZGcVNYOFpSdnZOcEg0V28rMnNLSEVJS3BwdUllWFlNcGxxOE9DcThqYll4S1Q5NHVKTGh3R2NOUFRlWkFWdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1806
content-length: 541
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2183 42 B
174 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssa29lA2jTuprYovF3gF592NePzjqCsUETFy0krfKS5uRbn9m4VNYt5ZJxAtaVPUQCSldJzw-T8Km8aobMLwMZzLy3byKDExhqyzoxlWhRuNtBRQWo9gA&sai=AMfl-YQvffU2U1jgFtj9IjbOg1iQf2DiTQEg4eMAoczqhD6v52oWGTLeo8Zu6IVzEVdnGdM0XiZgMCymnvaDpENu-vic7a3uRRv5XDJxG8mnHoCudFTiF8mJAe_3nzma2GF7&sig=Cg0ArKJSzB2uzNrhqD8IEAE&id=lidar2&mcvt=1000&p=1020,80,1200,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1240459465&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636221325119&rpt=358&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 17:55:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B2AE 16 B
232 B 118ms
118ms Fetch
application/json 52.215.101.139

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 -, , ASN (),

Reverse DNS

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Nov 2021 17:55:27 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EB67 16 B
232 B 132ms
132ms Fetch
application/json 52.215.101.139

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 -, , ASN (),

Reverse DNS

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Nov 2021 17:55:27 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 133ms
31ms Preflight 52.215.101.139

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 06 Nov 2021 17:55:27 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 112ms
31ms Preflight 52.215.101.139

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 06 Nov 2021 17:55:27 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 73ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unian.ua%2F&domain=www.unian.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.unian.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.unian.ua
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1645
date: Sat, 06 Nov 2021 17:55:27 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.unian.ua%2F&domain=www.unian.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=Ii79AnxpaDMvUk9mQ2NxcjJqNzJJem81cjB2Zk1NSDBMUmxvL3pLUDM1S2JWMG9LYVR4YUl1TjdZdlNOR0I5a2l0ZFNzTndXWjZaam5FN29lWmRiSEorT2pQcjU5ckF1aFltR1ZEM1BjbDJRNHhzR0ZHZmQ0M2M1SHU3dk...

419 B
653 B

17ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ii79AnxpaDMvUk9mQ2NxcjJqNzJJem81cjB2Zk1NSDBMUmxvL3pLUDM1S2JWMG9LYVR4YUl1TjdZdlNOR0I5a2l0ZFNzTndXWjZaam5FN29lWmRiSEorT2pQcjU5ckF1aFltR1ZEM1BjbDJRNHhzR0ZHZmQ0M2M1SHU3dklWWVR2YlBhZ2plR09WME4xT3B3VnludEVheGttZzFFUmlDQ3dKWEdRZ1YweHZ6N04rSFp0QXVkVW1WZDYzY2p5VkJEbUl5cFBhOHA4OUFBbDNTTWp3UHRaNVQ0THVxeEE0YzFONkVUR0hqczlPdWNWMUVGMENnS2RMMTgzdTJMamlKOFhRWnBBN1ZJakJsR2xzM0JpeUE0dXBXTzJHdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

efd1897668498343093014530c6bacbba2f46b7a929716f3e57b9e37470d0715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unian.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 06 Nov 2021 17:55:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2218
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 06 Nov 2021 17:55:27 GMT
location: https://mug.criteo.com/sid?cpp=Ii79AnxpaDMvUk9mQ2NxcjJqNzJJem81cjB2Zk1NSDBMUmxvL3pLUDM1S2JWMG9LYVR4YUl1TjdZdlNOR0I5a2l0ZFNzTndXWjZaam5FN29lWmRiSEorT2pQcjU5ckF1aFltR1ZEM1BjbDJRNHhzR0ZHZmQ0M2M1SHU3dklWWVR2YlBhZ2plR09WME4xT3B3VnludEVheGttZzFFUmlDQ3dKWEdRZ1YweHZ6N04rSFp0QXVkVW1WZDYzY2p5VkJEbUl5cFBhOHA4OUFBbDNTTWp3UHRaNVQ0THVxeEE0YzFONkVUR0hqczlPdWNWMUVGMENnS2RMMTgzdTJMamlKOFhRWnBBN1ZJakJsR2xzM0JpeUE0dXBXTzJHdz09fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.unian.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1765
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
530 B 39ms
8ms XHR
application/json 51.75.146.199

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454505/hb_298309_4142.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 -, , ASN (),

Reverse DNS

Software

Resource Hash

1860d58eb0d8cf683522314f4afaa7c1dc9c11528363691ba1fcafecc99cf0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.unian.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.unian.ua
Date: Sat, 06 Nov 2021 17:55:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 47ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1009
date: Sat, 06 Nov 2021 17:55:27 GMT
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c7f86846-a4c7-4f62-952f-1995e0f837cc

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.unian.ua/	1970-01-21 02:17:01	Name: lapuid Value: 9546a155-84ea-474a-8de9-49e781fd2c56
www.unian.ua/	1970-01-19 22:30:23	Name: session_id Value: 48290176-1916-416b-ac37-a25d06f01b8f
www.unian.ua/	1970-01-19 22:30:23	Name: session_pageview Value: 1636221322.1
www.unian.ua/	1970-01-19 23:13:33	Name: site_visited Value: 1636307722.1
.unian.ua/	1970-01-19 22:31:47	Name: _gid Value: GA1.2.1417444904.1636221322
.unian.ua/	1970-01-19 22:30:21	Name: _gat Value: 1
.unian.ua/	1970-01-19 22:30:21	Name: _gat_uaTracker Value: 1
.unian.ua/	1970-01-20 16:01:33	Name: _ga_P6EEJX21DY Value: GS1.1.1636221322.1.0.1636221322.60
.unian.ua/	1970-01-20 16:01:33	Name: _ga_JLSK4Y8K67 Value: GS1.1.1636221322.1.0.1636221322.60
.unian.ua/	1970-01-20 16:01:33	Name: _ga_DENC12J6P3 Value: GS1.1.1636221322.1.0.1636221322.60
.unian.ua/	1970-01-20 16:01:33	Name: _ga Value: GA1.2.539206431.1636221322
.unian.ua/	1970-01-19 22:30:21	Name: _dc_gtm_UA-32196466-1 Value: 1
a4p.adpartner.pro/	1970-01-21 02:17:01	Name: apuid Value: 9546a155-84ea-474a-8de9-49e781fd2c56
a4p.adpartner.pro/	1970-01-21 02:17:01	Name: apudmg Value: 1
www.unian.ua/	1970-01-20 07:56:16	Name: _pk_id.3.6fa1 Value: b4e878c33e2e3335.1636221323.1.1636221323.1636221323.
www.unian.ua/	1970-01-19 22:30:23	Name: _pk_ses.3.6fa1 Value: *
.admixer.net/	1970-01-20 16:01:33	Name: am-uid Value: 1f0104285c924e4a83d894b68495991c
.unian.ua/	1970-01-20 07:59:09	Name: __gfp_64b Value: ZrWAbqH_VRmwP9jqdxxI.ISdhaK0w2haMP7osaX.Z1P.h7\|1636221322
.hit.gemius.pl/	1970-01-20 07:59:09	Name: Gtest Value: KlQSARXGQMGG5HByPIFRwnGissGMXP8c25nSGhueMeAL611isG..
.hit.gemius.pl/	1970-01-20 07:59:09	Name: Gdyn Value: KlxkORXGQMGG5HByPIFRwnGissGMXP8c25nSGhueMeAL61MiGsRPIQlGvGQp-MD8SYS8RLpGDy2xFSy8uAeGsG..
.adtelligent.com/	1970-01-20 00:44:16	Name: vmuid Value: df5552784723c529
www.unian.ua/	1970-01-19 23:13:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.unian.ua/	1970-01-20 07:15:57	Name: _pubcid Value: 2cc9e336-6cdc-46bb-b06f-b9760a617df5
.openx.net/	1970-01-20 07:15:57	Name: i Value: 2cc9e336-6cdc-46bb-b06f-b9760a617df5\|1636221324
.adnxs.com/	1970-01-20 00:39:57	Name: icu Value: ChgI4axaEAoYASABKAEwjIObjAY4AUABSAEQjIObjAYYAA..
.adnxs.com/	1970-01-20 00:39:57	Name: uuid2 Value: 635746250263513558
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:15:57	Name: khaos Value: KVO3XHXM-1V-5E5Z
.rubiconproject.com/	1970-01-20 07:15:57	Name: audit Value: 1\|naVuGyos1qotV5662Ln23eMH05QULE/jV/G9Z/GRzTz24WPzaViPwcDQ9l9oNU+zalQXshnUjCh4yK/+weJ2FUFxUDOSAjcQHTiltakQY8o=
.betweendigital.com/	1970-01-20 07:15:57	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:15:57	Name: tuuid Value: 082f803c-040a-5336-8429-4b81e5af8a0d
.betweendigital.com/	1970-01-20 07:15:57	Name: ut Value: YYbBjAAGgBDBgQIVITtkUSFIisTjFnTTym94tg==
.betweendigital.com/	1970-01-20 07:15:57	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:15:57	Name: unm Value: 1
.unian.ua/	1970-01-20 07:51:57	Name: __gads Value: ID=e2ee5af2cff26464-220ae67c30cb008a:T=1636221324:S=ALNI_MZ1B1yQsp2XUNkbOmc0Z4d_YxE84A
.doubleclick.net/	1970-01-20 07:51:57	Name: IDE Value: AHWqTUkNxT06vCvAqgrOJI_SsYLzSqta5IYBPQFlq_GJ3rtkuKUg16fut4i4Fi-qY28
.doubleclick.net/	1970-01-19 22:30:22	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 07:15:57	Name: uuid Value: 3dc16186-c18d-4401-96b0-3a52d042c0a8
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.medialead.de/	1970-01-20 07:15:57	Name: trscj Value: MTYzNjIyMTMyNnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRRNU16VTNNakF3TVRJMk5URXlNekF3T1RVeE16a3pNREV4Tnpjd01ESTBKblE5YUhSc2NBPT18YUhSMGNITTZMeTgzWVRVME1EbGlORE16WVRNeFkySmhORFkwTkRZME5tUmlPVEpqT1dJeU5DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dfif2hohtrs20l4zkf4suurw
pb.media01.eu/	1970-01-20 16:01:33	Name: DTU Value: 39140C02F647CF32E0FE45F309C8BF06
.awin1.com/	1970-01-19 22:40:26	Name: awpv14098 Value: 296283\|1636221326\|b8b356e3-3f2a-11ec-beb1-223071fe7256
.mathtag.com/	1970-01-19 23:13:33	Name: mt_misc Value: mt_bt:1
.criteo.com/	1970-01-20 07:51:57	Name: uid Value: e9244a6a-c479-4198-aafc-9bf515b35d72
.unian.ua/	1970-01-20 07:51:57	Name: cto_bundle Value: 1ALAmV9CZ2M4cDNXcCUyQkZnMjRMTHBFUEtsdDlkV0tOTGFwJTJGaDZRRFVBNE1mN0dJcktjU3lzQnd1Zk03UEZ5Q2F1ZTZ2dXpHbnNFU2FHQVYwYTRDZ2RYa0dzNGU2UVpJNXAlMkJWQzRQY2pLUFluUnZhUkY5a2w5NTY2QzNCMjhJeDhZY2M4aVBXRU00YW9kek1qYiUyRmdZd1gwbnROZyUzRCUzRA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ua2cdn.admixer.net/player/roll-replace/stable/es6_727356c3a866a6df7bae.js(Line 207) Message: The provided value 'xml' is not a valid enum value of type XMLHttpRequestResponseType.
network	error	URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D Message: Failed to load resource: net::ERR_CONNECTION_RESET
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

287775a3be094a9d7c6451099cd28343.safeframe.googlesyndication.com
791bc18dbf95af3a2132fcb890ebb8f7.safeframe.googlesyndication.com
7a5409b433a31cba4644646db92c9b24.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a4p.adpartner.pro
ad-server.eu
ads.betweendigital.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
adx.adform.net
analytics.google.com
analytics.webgains.io
api.webgains.io
assay.1plus1.ua
bidder.criteo.com
cdn.ampproject.org
dm.hybrid.ai
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900024.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
images.unian.net
inv-nets.admixer.net
ls.hit.gemius.pl
medialead.de
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
pb.media01.eu
pbjs.e-planning.net
photo.unian.net
pixel.mathtag.com
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
push.1plus1.ua
pv.medialead.de
rtb.adxpremium.services
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.mathtag.com
sync.medidexs.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
ua2cdn.admixer.net
unpkg.com
vid4.tsn.ua
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.unian.net
www.unian.ua
sync.adtelligent.com
104.111.239.217
104.26.11.30
135.125.163.79
138.201.63.145
138.201.84.252
142.250.185.130
142.250.186.166
143.204.98.61
145.239.193.130
146.0.227.110
146.59.30.108
147.75.38.124
172.67.70.159
176.9.26.250
178.250.0.157
178.250.0.165
185.184.8.65
185.29.134.248
185.29.134.249
185.33.221.53
185.46.149.20
185.64.189.112
195.137.240.12
195.137.240.21
195.137.240.80
2.18.233.201
209.58.175.20
213.174.135.1
2602:803:c003:200::61
2606:4700:20::ac43:4bf1
2606:4700:3037::6815:3471
2606:4700::6810:7daf
2606:4700::6812:272
2a00:1450:4001:801::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:2638::3
35.244.159.8
37.157.2.237
37.18.16.22
46.236.13.147
46.249.52.248
51.75.146.199
52.215.101.139
54.37.238.28
54.76.176.197
77.120.110.196
88.198.250.30
94.23.99.218
96.46.186.57
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
024db74b121f5a72e41d19c308bd6b32b7c5b227eb6ab358e47e75f604e46ef9
04782befa7a473d06847082858ec85783220a2fe1c409bd481227ecb222d7da4
0504818babae77ab3df4970906222ba44b331ebe923e55a0c602c1e7725ea920
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
05ea97088e284bfb5392729793a7fa7eb42b24f12f39d5fff105b18f2a05aea1
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
0a1a193ed84eefa6b70a9253975ee7517bcb8141bd9b3703df59c6fe4e7cfdc7
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c99bd086c32eeba518bee198628e250e82cc8f55ffc9b50e0c3b0727b67758a
0debc83fe650ab144dce953c14ab4b83da7dc5dfc00240946767cc251e41ca13
0e5ef4498a28687e7a115643f67d2dd868238e7f56c06b0aa9233c93557dc22c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10acbf85f4afb5e04e39fed89efd2560e09eca0ac72fae393a08f457c3e8c06c
12afe03faa8b4e2f687218521d93454d77178311192c5464fce882b5871b070e
161d220dab8a7aa5b0e6373527b4a445d1e1bf990dbfd802ce495771887430e1
1831b0a8365f5b40833df780d8e9fe9595f4453b535161e46ab1ae9ca77c838a
1860d58eb0d8cf683522314f4afaa7c1dc9c11528363691ba1fcafecc99cf0e4
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1c9346a5da669907a5eecf3b7ebdb4e8b99188f9c3a8d00ea1f60bf254e04e4d
1cd10ac1f974a26ea93779748deb7c46962118db16562d3e1247bb20713bcc1d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e37507ed2ea5297e67bfecd7baa250cd483e4ff4865e0ea866676c815e8b0e6
1eb399dc9b191283ba480c30ec4d8a9dc016d2d1b249dc4920dfd9696be40506
2335e0a201f7e34878d87cd6357e0ed3c91f62d4f51e5c193a89aee45bfabdbb
2666994c593f37585b5f4e8b5f5c655c78b290b8964d8de1cf245bcd6b21ec5d
28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa
2bc88b4ca34ef8cee9a268733ec01622d06d024fa4446230ab42b0677785ee51
2cfd0a9351fa3755ca9099bd76aa9dea95dfe09ab72d16bb3eeb9dc193966251
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fabb381ada11b2e445dc9dfbadee4088082e155c869c7d6f5766e5734b1202b
318c86635781f1756a9795c12d29b56c736a40651f4b2dba2323df92ccf7e076
3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427
3c13940106ec046b47d72a552f9750987d0c01f5c56b16def74510da1ae0fe72
3c1694f826ac781256dd0905ad3014cd47eb90c2aeb6d3d49e768b957a93cfd0
3d1cf807fb2720ba039ad00c1b8eada762f269dde8001b5fd4fa1b4740c9fc81
41e906a81c69cc3d30f4a9c6fa50b5c3fc5756c9acabfbeaed66e170e62d12f7
42639360280f0212ba607cd8cf6113234e7fb4b86deffd1fca023d87b9124f39
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
484a032c47f88155b98afbcb9d21d2ab89e8f821ffd59fbbebb03f292fb5a741
499acf32d7d7d2b70fd2c7853b1d606c2eea5c2d571d5b7cdcdaad9072dfbade
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4cb243b61012645090247114840991e4497d7669508de6e83b690a9c3d070a5e
4ed8f2f97aaee383d0e78a6fd74d468ca8acd50f557a9978e6d434a1424c1ec7
4f2670c8b666ffeaa47b2f89eabed404a0dbb037d9115b1925af324db5330756
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503aa0afd924263e23e5fbe885c36ad5373a0cbf22c24b104032cef8fb831571
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
5124ec463a3a065f6bcc61e1a19e261c2a46bfd70ed71df0f5ce6489171ad4e7
512997b7fda8594eec1303b35aa0ebe601536b55fbbb2891429d6dc091c90beb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c84c35575d4b3f0a32189f5ed7b8ba30e180816f32466d0c92f1660e23437c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dfd5c8179049dcd3550abb3cd5e2e04f323e6535e8595a1854324018abdd4e
56a85216075ccab5b902bd2404103431fdb185c21318fedae6048d91d1c77469
57b93b169129336e2fa1f1180c33bb4d095d66cd1925486f713e714eee1c512c
5932cd8afe905ec830945f5397713a25f1ea4ff182c4226ee9cf53fd0d80ff89
5c9269a95531d695434bae92d5844264849a67fb28f16faa2a4e863e05f8aae6
5f7c52a5da90dfe325ba1633ab58b3ed2d495dd440a248a6e9f5944e04178a42
6399324f5235dab8d64d5bfde090f3714fe31ab1cbe81474c4d66c9886eef9c3
6409b4fe703e6275a0195c53b79bfa394b11f022aa909612a2f2820e18f49407
6450ad5f4dd7d31f70ff3d1737632bbac70595eef7029afbf46619c5afae935e
6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0
676d3ee1e5815df462e6c4cdcc9e827c3ef0abd551bd6196df79b293775b62e9
684194e1d273432cb4dfa35637b10c0fdec5d6c0d0de3a0e33fca3f610930f86
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
697532baa732f6b5f01689fae7a913e322cc33eada245dcecc63778cf5472ac4
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6b7bc4c9b10f7db251d6fac5fae793d0109a38ddf82ed6272eb4ea81346628b3
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
71adbf9e064f0f63aa6e3bd571902f8344d05d5135742ad64bff8c8a83ee11a9
73973adea2d6aadfa924013a26aae5cd9b3a39f476b5b9b01b12c8465e5effd1
74dae20e39b2a5f54f8ace18608b2394cbe2a4d0ea3750c881431f7e9a1782cd
775ddd9cbfd52574866001b5fee64556f7727fd135605f0c639aed1bde9911d5
777491505b6a95c2cd043068004a4dde473848e5de3dfd3391a9a14ede26cfa5
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
79acf501d6d8f59bfa0d9ad6418ed57326482636f87a5f319d1a8e0562346f3e
81657eec047d0c3647616c84b0065a775277dd2774ac28ae3ed7c07b7f78e759
829e6123b34ec0433c2ee65a79589cb48bab763d75504fb4d9e7cb6c90ea328f
831594119e8f775b7f4d600978c9b72d4c9100f664056dcd91b4d32ff831f890
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845a576a15939601a214489ddc29abf14959686164af8bacbc1befc49f071d16
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872a748de0e2452b44a58df1e8a69260c7a1af97ff2d86b9abf26aabc08bb33c
875856a2a0cc9513db44de580cc41df946f32d21ec023974161fb9e54128b1ed
89354adf70734a1011e0679d4bbf0719dc1eac286c20305cfecb6976eec6e61f
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9486979e92e06a729e948ea504a279623dbcb01faf39324a7b82d93fcfa02b8e
9781526687d8233c656f20400f16bc6fa7ddd331dee2703ca9edcf8c7b4ba95b
97a4a6b7659219747581358924eca5219cc9f07d14418fe8fb340d05b61dd6cc
99cb6be902223fd92a5aabde53c25d82fcaefc93caf8841b53108a3876d55238
a045b41075c780b6f768e682b50df103a4394256aaac46eedd05ba18a8157f56
a06069294858f5c2243265ffefa210b3894ed16e1115ed13c19eebfb903e816e
a358c2cb3def255184a978ff00887a7f761e8116e0976821d796a924f6efa505
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52723de29aa0a38f2d0751901271b50b0d6ff58293a742d1a190bc5c4b2c048
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
abdf5bf45dfb57a01924ff257bcfa6956e01d669ea075a048fe8af8b621c7703
ac038bdc9bf5707d7b112eec23f2bc6bfc652b90066b2899145aa0d0eb51971d
ad76adb99b92870c5b81b1cdc2f7559e708e8550c6ab9f19eac6d93ead0af354
ad9898c5c2693bec9c69aab1763b2380c030d321269b302a0eeba6ef9d6b2da4
adf4f46a0f631a80e321013a031156b5f9d1ced95bde8c7a1d4bf147eb1521d3
ae4ae247e96cbd02b3d916688dcaed3bc02f77eadfb13e99173ab5db9b73b477
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af566f7df8ecd17930e50b1b8388805d307f89d95da974ad7c60c36323f7a460
afe4e6e41096369d680df2cd4394efe6b1041ac27ad59d097cba135f714e7a46
b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16ff8fbe1648abcd3327ff09d7e232471bb0398e708e3642b9fa67d35573864
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b82abf7e35509fd2be23246eb3efc8c0ae6b204ec022b73f4e5efc04d40d1054
b9f9f54f53824a3f573716c3902f9cc6c8d2c96b3c37b72627c3cfe44255948c
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba42d92d3598ec7696dd2f21e27068cf97f1a20f8f2a00c5b859ff490b824dc6
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bf3acfa79d1f7530615c55d9293cee723bc7413382fe1e84e181a50d7d3b252b
bfd6b496929b3e56950cf0d2bc6d5f24a928dc8269784722d0098fbba674b491
c3bda9e752bfe8b0c7ce9cd7d9a3c193205ff4e626f5d683190f5798680e9e24
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c995f49f5b57b87006af5cafa44e4f4f7c4013ad9d8e158614114991d5b7d8cf
ccf4ba932d3f9494c5ee069be800d4532497f93fba772ff72960a10186ecb44a
ce779517554adeb14f6595994de8f3c285d4b02eea9f991b0b566eb60eae29ec
cf82deec94a354471001ce44f2df94e5d15670877385481f5cf40e28ea4e63ce
d1d599f0f3f6bf4b966035eac86d751eb1344fa890f5e0d73b8af40a98e1491f
d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0
d7824dfdfc9df9b70e3f5dafd710c25649f88f15aa273379d25d5bb703738a26
d7c40ea6d5cd70e8fcf344e562b39eed818e70fbf338e3d5d286ed32485c1456
d804dd72cdec5a751d93cb4e9ab5ad12af4eb1ceabb4accb2e53e3095b1aee91
d83b4c7d6f3278b8dfd1cbf392c84ca4e4032c1c988c7fa93cd343395a936346
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
d9c75caf86c7ec9d0b0ec9fedd0a6cf9613884ffdf541ca27da01cf7408c6d7a
da0e1199aa1e3263dfe76eec2113380290886d04faf068450fa81e7d4747edf0
dc33ffcda296abbad2bdf085e0820e77372aa635b50ecf3375ed929f08a7878b
dcaee2971b88d0c22d4e186a11770a254f328b7b3d41d248f0cdcda01b7387cf
dcfe0d1ee2da41e7731b4be9b70da80c4557c9ad613003d4dad2795b419a946c
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968
de1b987a249f4e7b0422a805c7838599b34595c68c7016d5a771fdc22eb28ea9
e2cbea412a2acc527bd96f368e459518d7b481de8538daceeb5e54b5880040d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a55b530becb37d7216153b15e5599a36f596a5e5ebe07fbe9d00ae7429c602
e4bfc2e615e2893f083cf03ad93eca1aa75ee35debd871129a4c19b1a35fb415
e60a7f18c4f1bf76f2fd716f9d29b2db3b333d7edf0fba8748f43ba5389d19eb
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e7b60d2b5113d75c21acfd595ff19dbe9aeedd9f9c3b4e4c262544164beb89b7
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc
ee70d5966612315cbcf88ed0517d0a01a232bce4ae92e3ecd8aaeca6cd0726b8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efd1897668498343093014530c6bacbba2f46b7a929716f3e57b9e37470d0715
f0db98bc257f7af3187bd7ec0661af3a9a04719b1fcb94838e07046db5a726da
f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2
f8f4202605d56b7d690fe896cadcdf35108b261fb0562343b538dcd7beda750c
f9250ee6a9b06c346b6480df3bedef833fafdce15e097135788e2106df8c3b1f
fb8cab2f8ecc5c176cf98fc215565db0c9d6221b05ae785db6aaa13fe6af662b
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fce6c999a39c8ed4dd6e85e60975a06ba5d2e6161c8ab218f5f5adc4b8bf1a73
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
feee2b7986dd5c9eae0bfc8f390e223d90d6b255b0222960f39130d9f54b3d86

www.unian.ua Open in urlscan Pro 172.67.70.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

278 Requests

97 %HTTPS

38 %IPv6

44 Domains

75 Subdomains

65 IPs

12 Countries

3595 kBTransfer

7633 kBSize

46 Cookies

30 Outgoing links

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.unian.ua Open in urlscan Pro
172.67.70.159 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

97 %
HTTPS

38 %
IPv6

44
Domains

75
Subdomains

65
IPs

12
Countries

3595 kB
Transfer

7633 kB
Size

46
Cookies

278 HTTP transactions
6 data transactions