www.fin.org.ua Open in urlscan Pro
91.201.40.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fin.org.ua/
Effective URL:
http://www.fin.org.ua/
Submission: On July 23 via api (July 23rd 2021, 11:55:03 am UTC) from KR

Summary HTTP 108 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 48 domains to perform 108 HTTP transactions. The main IP is 91.201.40.117, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, Moscow, Russia, RU. The main domain is www.fin.org.ua.

This is the only time www.fin.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	91.201.40.117 91.201.40.117	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
18	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	91.194.250.152 91.194.250.152	42352 (QOS) (QOS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6 18	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
4 5	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 4	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
3 4	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	116.202.51.238 116.202.51.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.48 195.209.108.48	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::681a:5db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
6 8	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	148.251.4.142 148.251.4.142	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.132 188.34.131.132	24940 (HETZNER-AS) (HETZNER-AS)
2 3	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
2 4	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	217.66.147.169 217.66.147.169	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.212.233.36 88.212.233.36	7979 (SERVERS-COM) (SERVERS-COM)
19	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
108	41

9 91.201.40.117 (Russian Federation) 1 redirects

ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU)
PTR: vip4.deserv.net

fin.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.fin.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.250.152 (Kyiv, Ukraine)

ASN42352 (QOS, UA)
PTR: dd.rehost.com.ua

www.raskrutka.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 195.201.243.71 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.208.236.251 (Reutov, Russian Federation) 4 redirects

ASN12695 (DINET-AS, RU)

hit4.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.146 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.198 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.51.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1397156.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.143 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.48 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5db (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.160 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.4.142 (Schlanstedt, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.132 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.132.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.148.229 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.169 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-169-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.118.200 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.36 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	378 KB
18	acint.net 6 redirects www.acint.net acint.net	16 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	85 KB
9	fin.org.ua 1 redirects fin.org.ua www.fin.org.ua	247 KB
6	digitaltarget.ru 2 redirects dmg.digitaltarget.ru tag.digitaltarget.ru	21 KB
5	bumlam.com 3 redirects sync.bumlam.com	3 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	hotlog.ru 4 redirects hit4.hotlog.ru	2 KB
4	aidata.io 2 redirects x01.aidata.io	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	yadro.ru 3 redirects counter.yadro.ru	2 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	7 KB
3	yandex.ru 1 redirects an.yandex.ru	840 B
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	com.ru 3 redirects adx.com.ru	1 KB
3	adsniper.ru 3 redirects sync3.adsniper.ru	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	2 KB
3	googletagservices.com www.googletagservices.com	102 KB
2	facebook.com 1 redirects www.facebook.com	1 KB
2	googleapis.com ajax.googleapis.com	59 KB
2	2mdn.net s0.2mdn.net	126 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	842 B
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	826 B
2	google.de adservice.google.de www.google.de	960 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	70 KB
1	gnezdo.ru fcgi4.gnezdo.ru	188 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	327 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	rktch.com ut.rktch.com	440 B
1	beeline.ru 1 redirects 0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru	635 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	278 B
1	relap.io relap.io	985 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	726 B
1	mail.ru ad.mail.ru	635 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
1	googleadservices.com partner.googleadservices.com	656 B
1	bigmir.net c.bigmir.net	715 B
1	raskrutka.kiev.ua www.raskrutka.kiev.ua	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
108	48

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net www.fin.org.ua tpc.googlesyndication.com pagead2.googlesyndication.com
15	www.acint.net	6 redirects www.fin.org.ua www.acint.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.fin.org.ua googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.fin.org.ua pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.fin.org.ua	www.fin.org.ua
5	sync.bumlam.com	3 redirects www.acint.net
5	hit4.hotlog.ru	4 redirects www.fin.org.ua
4	x01.aidata.io	2 redirects www.acint.net
4	www.google.com	2 redirects www.fin.org.ua tpc.googlesyndication.com
4	counter.yadro.ru	3 redirects www.fin.org.ua
4	dmg.digitaltarget.ru	2 redirects www.acint.net
3	an.yandex.ru	1 redirects www.acint.net
3	sync.1dmp.io	2 redirects www.acint.net
3	adx.com.ru	3 redirects
3	sync3.adsniper.ru	3 redirects
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.facebook.com	1 redirects connect.facebook.net
2	ajax.googleapis.com	tpc.googlesyndication.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.fin.org.ua connect.facebook.net
1	api.advarkads.com	s3.advarkads.com
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	ut.rktch.com	www.acint.net
1	0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	www.google.de	www.fin.org.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	www.fin.org.ua
1	www.raskrutka.kiev.ua	www.fin.org.ua
1	www.googletagmanager.com	www.fin.org.ua
1	fin.org.ua	1 redirects
108	59

This site contains links to these domains. Also see Links.

Domain
meet.fin.org.ua
stakhanov.net.ua
radioukr.com.ua
click.hotlog.ru
www.raskrutka.kiev.ua
www.bigmir.net
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.acint.net R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
*.hotlog.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-24` - `2021-10-25`	a year	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.bumlam.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
adlmerge.com R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
ut.rktch.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
new-programmatic.com R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://www.fin.org.ua/
Frame ID: A572DB505A02C3677E70243A8AFD7B10
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 6022607AC6DF2C4B73E59B3BD0A9BF12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&adk=1812271804&adf=3025194257&lmt=1627041284&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.fin.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1627041285201&bpp=3&bdt=441&idt=69&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2190829158392&frm=20&pv=2&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=88
Frame ID: 9EFEF8B693CFF2D4A72F770822DE0A98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99
Frame ID: 754FAABF41715C21DD0ECD8131AB2FD6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117
Frame ID: 61BFD6BB501B1EF659728F3DCD02FDC7
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: CA4533BEB5FFF45B34B97008AA90DFD4
Requests: 32 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
Frame ID: 9A14CC4FA65996BBF5AB8FE5FD10FD46
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html
Frame ID: B96389D9F45C9980E31761CC9E6D4CA4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Ce5EqBa76YIfKE8ST-wa075TwAfzTisJjjriWy80NpqDA4ngQASCItMMEYJUCoAH_hK3tA8gBCagDAcgDSKoEzAFP0BKh7vqThZKvwtFsLHSLyei1LERQtogIC6WW7QHMN6-SJNv--GZJyShIGmGDxrajiGN-GCab2BUQ0yY2qmjw7LKrHKLImrOV9eDln-MyAaKwA6p28NVQ7d6mM7PrrJAadufhUUfFIb13QvZpU1lHoyZtv9DskmR8cnZQ1yn6NRnAOB_Y5L8eNvW4zO-l2aFFNAr_hrtkowtbax8WIshMPUw9gpc49l7qwkksmtzfyy5jFNKezjHcIiXHuF6aoQd4eOxQZGv8gwIVk5vABISAx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEJD7mgHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNjU4NTc2MDcxMDA1NDkwMg&sigh=30SSU6cLqzY&template_id=419
Frame ID: F335429BE13F6995D0A416C4F96DFEF2
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html
Frame ID: A5728A80B44B538C7E15A6E611A609E7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COfbeBa76YOTgFOG5zAbaw764CfzTisJj3tmVy80N7-bz_QgQASCItMMEYJUCoAH_hK3tA8gBCagDAcgDSKoE3gFP0LZkdgrUbShJis8dGr1HAp9r7qj0YqnNC3WGL04xxu6nbZN-AN8E3WH-Dn6_D8AHtGXBBtWsV4VPeNb8z5twwKA0sMyWbGw4pYC2sxP1QHFaCKsv5rB6dip6VLiqJXYCCk1S__t2cb7dPGzAHl_mrIMlTYk2UEFGMxtbD-YGLNwUtPQduG_Kmw9DlDh7_1o9tdavk46YHbTUZ9hZysU052vR-gDG8UfGbj69Yi6RPhB5W62dylJ9p_r88LD7AvhteDE5EqDXvQln2M9G1I93Cxq4bH3b-d9wmInjF3jABNz_xsL4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJK9VNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02NTg1NzYwNzEwMDU0OTAy&sigh=uXgdwT54DqI&template_id=419
Frame ID: 34CCD1F4A1E3C3E70383404D2E365F43
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0600A7D71624AB1DB190BC588FA0FD08
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A4A769DE4F235EFC749CFC98848C14A2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d734018cf27ec%2526domain%253Dwww.fin.org.ua%2526origin%253Dhttp%25253A%25252F%25252Fwww.fin.org.ua%25252Ff9037ab62063d8%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D227%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffin.org.ua%26locale%3Duk_UA%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D230
Frame ID: 0A6811CBECFFE885585F9B905465816E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 48627A788DD2FD9CEC509592640FAA74
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B38BE8D185918EED6AFC0AE747A0B27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fin.org.ua/ HTTP 301
http://www.fin.org.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

108
Requests

89 %
HTTPS

34 %
IPv6

48
Domains

59
Subdomains

41
IPs

7
Countries

1179 kB
Transfer

3227 kB
Size

42
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://meet.fin.org.ua/
Title: Знайомства

Search URL Search Domain Scan URL

URL: https://stakhanov.net.ua/
Title: http://stakhanov.net.ua/

Search URL Search Domain Scan URL

URL: https://radioukr.com.ua/game/pasyans-kosynka
Title: https://radioukr.com.ua/game/pasyans-kosynka

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?74831

Search URL Search Domain Scan URL

URL: http://www.raskrutka.kiev.ua/

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fin.org.ua/ HTTP 301
http://www.fin.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://connect.facebook.net/uk_UA/all.js HTTP 307
https://connect.facebook.net/uk_UA/all.js

Request Chain 12

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 13

http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y& HTTP 302
http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y&&hl_ignore=Y HTTP 302
http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y&&hl_ignore=Y&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=abbc46b31cf4dccf6b79524618e340de&i=853553481&r=https://hit4.hotlog.ru/cgi-bin/hotlog/count?s%3D74831%26im%3D134%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=abbc46b31cf4dccf6b79524618e340de&i=853553481&r=https://hit4.hotlog.ru/cgi-bin/hotlog/count?s%3D74831%26im%3D134%26hl_hitback%3DY HTTP 307
https://hit4.hotlog.ru/cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y HTTP 302
https://hit4.hotlog.ru/cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y&hl_ignore=Y

Request Chain 15

http://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642 HTTP 302
https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642 HTTP 302
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642

Request Chain 32

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 33

http://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Fin.Org.UA&oE=1&oP=1&dT=2021-07-23T13%3A54%3A45.372&fu=9809dd8e-4ac0-4a23-ae0f-7d8c3691de1e HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Fin.Org.UA&oE=1&oP=1&dT=2021-07-23T13%3A54%3A45.372&fu=9809dd8e-4ac0-4a23-ae0f-7d8c3691de1e

Request Chain 34

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B&crf=1

Request Chain 35

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F05AEFA60230032BA02A81328

Request Chain 36

https://px.adhigh.net/p/cm/sape?u=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F05AEFA60C602F067023B3B3B&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u0zTX1IXRxJ1.AikABlF60zfGhw

Request Chain 38

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4663215234 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=A5A86W60h4PPQW8mmbFuQjw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F05AEFA60C602F067023B3B3B

Request Chain 40

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=5c7683d2-d2ca-4763-bd72-0a0b136f90a5 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiF3OqHBlIEioaQK2IkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiF3OqHBlIEioaQK2IkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfwWu-mDGAvBnAjs7Ow HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 45

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B

Request Chain 48

https://adx.com.ru/sape-sync?uid=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60faae05f0e0158d52f15b51&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D60faae05f0e0158d52f15b51%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D60faae05f0e0158d52f15b51%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60faae05f0e0158d52f15b51%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60faae05f0e0158d52f15b51%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60faae05f0e0158d52f15b51%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60faae05f0e0158d52f15b51%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1520155486 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60faae05f0e0158d52f15b51%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60faae05f0e0158d52f15b51%2526dest%253D&webouid=PL1aIyLvQAnyULALWY4.Qu HTTP 302
https://prodmp.ru/yabbi.gif?uid=60faae05f0e0158d52f15b51&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60faae05f0e0158d52f15b51%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=60faae05f0e0158d52f15b51&dest=

Request Chain 49

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B&cs=1

Request Chain 50

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=IuKAgaCf0D-u

Request Chain 51

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=c5da5848-ea7a-52cc-8007-6a7be0fdc47e

Request Chain 52

https://0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru/p?ssp=sp&id=0100007F05AEFA60C602F067023B3B3B HTTP 301
https://www.acint.net/match?dp=111&euid=abc8aa97-3063-4ed7-89dd-e39e69a10e7f

Request Chain 54

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F05AEFA60C602F067023B3B3B HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&ssp=sape&exu=0100007F05AEFA60C602F067023B3B3B HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=123a8371-5d8c-49e6-bac3-ce5aa34e4abe&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FEjqDcV2MSea6w85ao05Kvg%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D123a8371-5d8c-49e6-bac3-ce5aa34e4abe%26sign%3D2265418160 HTTP 302
https://an.yandex.ru/setud/mts_banner/EjqDcV2MSea6w85ao05Kvg?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&sign=2265418160

Request Chain 55

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=99b11c1a-807e-4771-6559-00e306c5bb72

Request Chain 56

https://s.uuidksinc.net/match/396/0100007F05AEFA60C602F067023B3B3B HTTP 302
https://www.acint.net/match?dp=127&euid=IOTpm88GTesYPJSEGjQZ

Request Chain 59

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F05AEFA60C602F067023B3B3B&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=50615288CA9D7630BB5E&back=STOP

Request Chain 60

https://sync.bumlam.com/?src=sap1&uid=0100007F05AEFA60C602F067023B3B3B HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiG3OqHBlIFrbKc-w9iIDAxMDAwMDdGMDVBRUZBNjBDNjAyRjA2NzAyM0IzQjNC HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQABiG3OqHBmIgMDEwMDAwN0YwNUFFRkE2MEM2MDJGMDY3MDIzQjNCM0KiARDGa8EE66wR66bpACWQyCQ3

Request Chain 61

https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B?redir-setuniq=1

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 102

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d734018cf27ec%26domain%3Dwww.fin.org.ua%26origin%3Dhttp%253A%252F%252Fwww.fin.org.ua%252Ff9037ab62063d8%26relation%3Dparent.parent&color_scheme=light&container_width=227&header=false&href=https%3A%2F%2Fwww.facebook.com%2Ffin.org.ua&locale=uk_UA&sdk=joey&show_border=false&show_faces=true&stream=false&width=230 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d734018cf27ec%2526domain%253Dwww.fin.org.ua%2526origin%253Dhttp%25253A%25252F%25252Fwww.fin.org.ua%25252Ff9037ab62063d8%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D227%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffin.org.ua%26locale%3Duk_UA%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D230

Request Chain 108

http://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374

108 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.fin.org.ua/
Redirect Chain

http://fin.org.ua/
http://www.fin.org.ua/

34 KB
12 KB

185ms
165ms

Document
text/html

91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 / PHP/5.4.45
Resource Hash: 7d09a5983cc6e4c5709fff524cf483d7644c852cbb3b80fdabe79c86e19506b7

Request headers

Host: www.fin.org.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.2
Date: Fri, 23 Jul 2021 11:54:44 GMT
Content-Type: text/html
Content-Length: 11594
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Expires: Fri, 23 Jul 2021 23:54:44 GMT
Cache-Control: no-cache, must-revalidate max-age=86400, private, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 23 Jul 2021 11:54:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.2
Date: Fri, 23 Jul 2021 11:54:44 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 191
Connection: keep-alive
Location: http://www.fin.org.ua/
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.min.css
www.fin.org.ua/css/ 103 KB
104 KB 101ms
86ms Stylesheet
text/css 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/css/bootstrap.min.css
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: 397733364041c86da6e5df0150e120e3b642bb91b2edb6b0fa7f2661cfb1e122

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:44 GMT
Last-Modified: Thu, 23 May 2013 17:23:33 GMT
Server: nginx/1.14.2
ETag: "519e5095-19dd3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105939

GET
H/1.1 200
OK bootstrap-responsive.min.css
www.fin.org.ua/css/ 16 KB
17 KB 179ms
160ms Stylesheet
text/css 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/css/bootstrap-responsive.min.css
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: 76a06227945b3f8215623543deed9aef209aad313f90eb1ab3b7ed367d0c238c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:44 GMT
Last-Modified: Thu, 23 May 2013 17:23:32 GMT
Server: nginx/1.14.2
ETag: "519e5094-41d1"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16849

GET
H/1.1 200
OK style.css
www.fin.org.ua/css/ 567 B
804 B 178ms
158ms Stylesheet
text/css 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/css/style.css
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: f2d37d9d015cc4ea45a0431be12a5e5306349f5fc328e9cf704bbc629053fc75

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:44 GMT
Last-Modified: Thu, 27 Mar 2014 20:07:45 GMT
Server: nginx/1.14.2
ETag: "53348511-237"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 567

GET
H/1.1 200
OK jquery.min.js Show response
www.fin.org.ua/js/ 81 KB
81 KB 182ms
163ms Script
application/javascript 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/js/jquery.min.js
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:44 GMT
Last-Modified: Thu, 23 May 2013 17:23:31 GMT
Server: nginx/1.14.2
ETag: "519e5093-14499"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83097

GET
H/1.1 200
OK bootstrap.min.js Show response
www.fin.org.ua/js/ 28 KB
28 KB 166ms
146ms Script
application/javascript 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fin.org.ua/js/bootstrap.min.js
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: 7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:44 GMT
Last-Modified: Thu, 23 May 2013 17:23:31 GMT
Server: nginx/1.14.2
ETag: "519e5093-6f7a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28538

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

212a09e0de6dd5d7386943f2fbef7c22eb8f4bbaf7726c449cdb258fb563691b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49287
x-xss-protection: 0
server: cafe
etag: 2795897176552484486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23003254-1

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a64563864e236b918455857be4b2d0ceb719467c5fcb125c81fa339463c59804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39841
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

212a09e0de6dd5d7386943f2fbef7c22eb8f4bbaf7726c449cdb258fb563691b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 23 Jul 2021 11:54:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2795897176552484486
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49287
X-XSS-Protection: 0
Expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H/1.1 200
OK cb_20071205215843Untitled-7_resize_1.jpg
www.fin.org.ua/share/ 2 KB
2 KB 88ms
87ms Image
image/jpeg 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fin.org.ua/share/cb_20071205215843Untitled-7_resize_1.jpg
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: 8a4d5f5f2ea403742aeb299ce8efe6ab0dfb7daf1a8c30822f73a7e76833fc83

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Last-Modified: Tue, 25 Mar 2014 23:16:09 GMT
Server: nginx/1.14.2
ETag: "53320e39-7ba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1978

GET
H/1.1 200
OK enmz_sh_sm.jpg
www.fin.org.ua/share/ 2 KB
2 KB 87ms
86ms Image
image/jpeg 91.201.40.117
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fin.org.ua/share/enmz_sh_sm.jpg
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.201.40.117 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: vip4.deserv.net
Software: nginx/1.14.2 /
Resource Hash: 55bf0956eb40ccf33045ceb14eeec80afc80001ba86ee5e20e0c0fbdd1ed1c8c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fin.org.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.fin.org.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Last-Modified: Tue, 25 Mar 2014 23:16:10 GMT
Server: nginx/1.14.2
ETag: "53320e3a-683"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1667

GET
H/1.1 200
OK knopka88x31.gif
www.raskrutka.kiev.ua/images/ 2 KB
2 KB 175ms
116ms Image
image/gif 91.194.250.152
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.raskrutka.kiev.ua/images/knopka88x31.gif
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 91.194.250.152 Kyiv, Ukraine, ASN42352 (QOS, UA),
Reverse DNS: dd.rehost.com.ua
Software: nginx/1.14.0 /
Resource Hash: 809515d91f2005f2324652df8c9e3cca812e5de11f490245782defa8ab6e2581

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Last-Modified: Sat, 03 Mar 2007 11:05:58 GMT
Server: nginx/1.14.0
ETag: "51bbca-710-42ac3b5725180"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1808

GET
H2

200

all.js Show response
connect.facebook.net/uk_UA/
Redirect Chain

http://connect.facebook.net/uk_UA/all.js
https://connect.facebook.net/uk_UA/all.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/all.js

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33ea7dc9a4fcb695a6a81394aa00fab5959bc2f18f5ede936653c480ec9c2e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 52umYspqQBaWRCM1gX7QNg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: XTVSVHFSMj4Y3cYVcjvv0z/z9rK2+DyilvvJaGh+wjmfRqRJCYygFuLmTvi5ZrBF1zrdqbt2z0VNeyG9jc/vjQ==
x-fb-trip-id: 686109401
x-fb-content-md5: f0ea4fa411f5bdae98c1c843a7321e46
x-frame-options: DENY
etag: "744d6084d91e4b4888bcb7d75bad86ff"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 12:06:13 GMT

Redirect headers

Location: https://connect.facebook.net/uk_UA/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

119ms
40ms

Script
application/x-javascript

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Fri, 23 Jul 2021 23:54:45 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Fri, 23 Jul 2021 11:54:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

count
hit4.hotlog.ru/cgi-bin/hotlog/
Redirect Chain

http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y&
http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y&&hl_ignore=Y
http://hit4.hotlog.ru/cgi-bin/hotlog/count?0.8968375894263323&s=74831&im=134&r=&pg=http%3A//www.fin.org.ua/&c=Y&&hl_ignore=Y&hl_ignore=Y
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=abbc46b31cf4dccf6b79524618e340de&i=853553481&r=https://hit4.hotlog.ru/cgi-bin/hotlog/count?s%3D74831%26im%3D134%26hl_hitback%3DY
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=abbc46b31cf4dccf6b79524618e340de&i=853553481&r=https://hit4.hotlog.ru/cgi-bin/hotlog/count?s%3D74831%26im%3D134%26hl_hitback%3DY
https://hit4.hotlog.ru/cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y
https://hit4.hotlog.ru/cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y&hl_ignore=Y

421 B
455 B

82ms
81ms

Image
image/gif

89.208.236.251
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit4.hotlog.ru/cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y&hl_ignore=Y
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: HotLog/1.2 /
Resource Hash: 79b8b1265a3a74aac5968eca857f658af783805e09140f7445954ba9164cbe0c

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
server: HotLog/1.2
content-length: 421
content-type: image/gif

Redirect headers

location: /cgi-bin/hotlog/count?s=74831&im=134&hl_hitback=Y&hl_ignore=Y
date: Fri, 23 Jul 2021 11:54:46 GMT
server: HotLog/1.2
p3p: policyref="/p3p.xml", CP="NON ADM DEV TAI PSA PSD IVA OUR IND UNI COM NAV INT"
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK /
c.bigmir.net/ 460 B
715 B 125ms
105ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?v45221&s46827&t8&c1&n712405&w0&y0&d24&r1600
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 88058e95ae40e8ac92d82594b18ab6e8160a5144aa37d785c8540a0ff991ee95

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 11:54:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642
https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642

223 B
709 B

76ms
76ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e32f51096551cf56d8593fad5c9963ff762e4028a80721d70e14a7a2e82adf82

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 11:54:47 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 223
Expires: Wed, 22 Jul 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 11:54:47 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//www.fin.org.ua/;0.029304782146262642
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 22 Jul 2020 21:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6585760710054902&plah=www.fin.org.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 6022 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Jul 2021 01:27:57 GMT
expires: Fri, 06 Aug 2021 01:27:57 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 37608
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 all.js Show response
connect.facebook.net/uk_UA/ 233 KB
68 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/all.js?hash=189ee950a414e4903a341e3ca89a2a99

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/uk_UA/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d0c4c49d70cbfea5757cc59709abd660834a76b6fbea24cb71cea03cc70a4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://www.fin.org.ua
Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UekFx0ltqAjFYXGxjygNTQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69168
x-fb-rlafr: 0
x-fb-debug: zP0g/he/6fzITda1C3ntRicsEkCEVEc5UeZWRrVElz+w/gAt5yNTzJRrc5oEBXIkXfZkArPsI/i9nMTIy73o0g==
x-fb-content-md5: 6af7a3a79d3229d13c345f68bdb10dc2
x-frame-options: DENY
date: Fri, 23 Jul 2021 11:54:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b87f1dff00ae4f1b7bced38fd57e4a28"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 23 Jul 2022 11:46:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23003254-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3826
date: Fri, 23 Jul 2021 10:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 23 Jul 2021 12:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2015113779&t=pageview&_s=1&dl=http%3A%2F%2Fwww.fin.org.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Fin.Org.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=879872599&gjid=108788116&cid=251153878.1627041285&tid=UA-23003254-1&_gid=1864081326.1627041285&_r=1&gtm=2ou7l1&z=1308368282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.fin.org.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
656 B 121ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fin.org.ua&callback=_gfp_s_&client=ca-pub-6585760710054902

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6585760710054902&plah=www.fin.org.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

df063f20b20b439f1e96d69ddecbe17c3c5dae63f1bc617a531be38a30d4a786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 38ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.fin.org.ua%2F&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 11:54:45 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fin.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fin.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9EFE 12 KB
5 KB 266ms
266ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&adk=1812271804&adf=3025194257&lmt=1627041284&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.fin.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1627041285201&bpp=3&bdt=441&idt=69&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2190829158392&frm=20&pv=2&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=88

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a757c1b01e1d7a35d25c2b602a444dc15feec5cc87aff2fbbd07d22752d5de56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6585760710054902&output=html&adk=1812271804&adf=3025194257&lmt=1627041284&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.fin.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1627041285201&bpp=3&bdt=441&idt=69&shv=r20210720&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2190829158392&frm=20&pv=2&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Jul 2021 11:54:45 GMT
server: cafe
content-length: 4630
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 12:09:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867007956318"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27997
x-xss-protection: 0
expires: Fri, 23 Jul 2021 11:54:45 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-23003254-1&cid=251153878.1627041285&jid=879872599&gjid=108788116&_gid=1864081326.1627041285&_u=YEBAAUAAAAAAAC~&z=698415671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Jul 2021 11:54:45 GMT
content-type: text/plain
access-control-allow-origin: http://www.fin.org.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 754F 124 KB
39 KB 542ms
542ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed2bdaefc26c768afe8d900127025c28f1262517f8cb015b7fbd62201426f23

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfg4o6R-fECFcTJ3godtDcFHg&gqi=Ba76YPeEE6SPxgLiqpfYBg&layout=/sadbundle/%24csp%253Der3%24/9683792992714686608/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfg4o6R-fECFcTJ3godtDcFHg&gqi=Ba76YPeEE6SPxgLiqpfYBg&layout=/sadbundle/%24csp%253Der3%24/9683792992714686608/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Jul 2021 11:54:45 GMT
server: cafe
content-length: 40383
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 12:09:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61BF 112 KB
35 KB 534ms
534ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f055a38dfe4fb914342922145eb626a9dc3a06b6cecee4468f5b8ee1c9955ef

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKT3446R-fECFeEc0wod2qEPlw&gqi=Ba76YJagFNe2mLAP4pKoIA&layout=/sadbundle/%24csp%253Der3%24/3241615405139317977/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKT3446R-fECFeEc0wod2qEPlw&gqi=Ba76YJagFNe2mLAP4pKoIA&layout=/sadbundle/%24csp%253Der3%24/3241615405139317977/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Jul 2021 11:54:45 GMT
server: cafe
content-length: 35633
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 12:09:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-23003254-1&cid=251153878.1627041285&jid=879872599&_u=YEBAAUAAAAAAAC~&z=544509215

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-23003254-1&cid=251153878.1627041285&jid=879872599&_u=YEBAAUAAAAAAAC~&z=544509215

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame CA45
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

3 KB
4 KB

41ms
40ms

Document
text/html

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: 2c70513709745e840a790d64eb67b9704e694f7f9ae00cb678df1f353f321656

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=10&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; aid=fwAAAWD6rgVn8ALGOzs7Alwxay5PBo7Jn/425XQjdZcxy5Qe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

server: openresty
date: Fri, 23 Jul 2021 11:54:45 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1627041285; expires=Sat, 24-Jul-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1627041285; expires=Fri, 06-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1627041285; expires=Fri, 06-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1627041285; expires=Fri, 06-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1627041285; expires=Sun, 22-Aug-21 11:54:45 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Fri, 23 Jul 2021 11:54:45 GMT
content-type: text/html
content-length: 154
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 23-Jul-21 12:04:45 GMT aid=fwAAAWD6rgVn8ALGOzs7Alwxay5PBo7Jn/425XQjdZcxy5Qe; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0...
https://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D...

43 B
339 B

39ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Fin.Org.UA&oE=1&oP=1&dT=2021-07-23T13%3A54%3A45.372&fu=9809dd8e-4ac0-4a23-ae0f-7d8c3691de1e
Requested by: Host: www.fin.org.ua
URL: http://www.fin.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=57634442&u=http%3A%2F%2Fwww.fin.org.ua%2F&r=&rs=1600x1200&t=%D0%A4%D1%96%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Fin.Org.UA&oE=1&oP=1&dT=2021-07-23T13%3A54%3A45.372&fu=9809dd8e-4ac0-4a23-ae0f-7d8c3691de1e
Date: Fri, 23 Jul 2021 11:54:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

match
ads.betweendigital.com/ Frame CA45
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B&crf=1

68 B
607 B

57ms
57ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F05AEFA60C602F067023B3B3B&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame CA45
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F05AEFA60230032BA02A81328

43 B
269 B

40ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F05AEFA60230032BA02A81328
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F05AEFA60230032BA02A81328
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame CA45
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F05AEFA60C602F067023B3B3B
https://px.adhigh.net/p/cm/sape?u=0100007F05AEFA60C602F067023B3B3B&bounced=1
https://acint.net/match?dp=17&euid=u0zTX1IXRxJ1.AikABlF60zfGhw

43 B
269 B

40ms
39ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=u0zTX1IXRxJ1.AikABlF60zfGhw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=u0zTX1IXRxJ1.AikABlF60zfGhw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame CA45 43 B
635 B 134ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Last-Modified: Fri, 23 Jul 2021 11:54:45 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 23 Jul 2021 17:54:45 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CA45
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4663215234
https://www.acint.net/rmatch?dp=45&euid=A5A86W60h4PPQW8mmbFuQjw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F05AEFA60C602F067023B3B3B

42 B
201 B

239ms
93ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 23 Jul 2021 11:54:45 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F05AEFA60C602F067023B3B3B
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame CA45 0
726 B 52ms
31ms Image
text/plain 2606:4700:20::681a:5db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c1FlEvfLeb7zWH8O75vY%2BKC99N5QElezfSnGBh1udgF3pJVKRWV%2FMkk769oG%2BEy3BA2ZwFBpTUuMRT%2BnGPO33wij3h%2FURwZen50NVe%2FCySfWn0LVaoIsbX1UNmKdWjoESH6GIU4u%2Fn7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6734b742bc7f4a92-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame CA45
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=5c7683d2-d2ca-4763-bd72-0a0b136f90a5
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiF3OqHBlIEioaQK2IkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiF3OqHBlIEioaQK2IkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**

43 B
552 B

30ms
30ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Server: nginx
ETag: c66bc104-ebac-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARiF3OqHBmIkNWM3NjgzZDItZDJjYS00NzYzLWJkNzItMGEwYjEzNmY5MGE1ogEQxmvBBOusEeum6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame CA45 0
238 B 219ms
70ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F05AEFA60C602F067023B3B3B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 118
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame CA45 3 KB
3 KB 292ms
95ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Last-Modified: Fri, 23 Jul 2021 09:08:19 GMT
Server: nginx
ETag: "60fa8703-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame CA45 0
69 B 123ms
39ms Image
text/plain 148.251.4.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.4.142 Schlanstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.4.251.148.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Jul 2021 11:54:45 GMT
server: nginx/1.17.6

GET
H2

200

match
www.acint.net/ Frame CA45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfwWu-mDGAvBnAjs7Ow
https://www.acint.net/match?dp=77&euid=

43 B
269 B

39ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame CA45
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B

43 B
115 B

133ms
44ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Fri, 23 Jul 2021 11:54:46 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F05AEFA60C602F067023B3B3B
date: Fri, 23 Jul 2021 11:54:43 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CA45 42 B
201 B 378ms
96ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame CA45 43 B
985 B 259ms
88ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F05AEFA60C602F067023B3B3B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back16
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame CA45
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F05AEFA60C602F067023B3B3B
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F05AEFA60C602F067023B3B3B
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60faae05f0e0158d52f15b51&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60faae05f0e0158d52f15b51%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60faae05f0e0158d52f15b51%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60faae05f0e0158d52f15b51%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60faae05f0...
https://prodmp.ru/yabbi.gif?uid=60faae05f0e0158d52f15b51&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60faae05f0e0158d52f15b51%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=60faae05f0e0158d52f15b51&dest=

0
433 B

79ms
79ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=60faae05f0e0158d52f15b51&dest=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Fri, 23 Jul 2021 11:54:45 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 23 Jul 2021 11:54:45 GMT

Redirect headers

location: https://x01.aidata.io/0.gif?pid=9712851&id=60faae05f0e0158d52f15b51&dest=
date: Fri, 23 Jul 2021 11:54:46 GMT
access-control-allow-credentials: true
server: nginx
content-type: image/gif
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame CA45
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B&cs=1

35 B
376 B

39ms
39ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F05AEFA60C602F067023B3B3B&cs=1
date: Fri, 23 Jul 2021 11:54:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame CA45
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=IuKAgaCf0D-u

43 B
269 B

39ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=IuKAgaCf0D-u
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=IuKAgaCf0D-u
Date: Fri, 23 Jul 2021 11:54:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame CA45
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=c5da5848-ea7a-52cc-8007-6a7be0fdc47e

43 B
269 B

39ms
39ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=c5da5848-ea7a-52cc-8007-6a7be0fdc47e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=c5da5848-ea7a-52cc-8007-6a7be0fdc47e
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
www.acint.net/ Frame CA45
Redirect Chain

https://0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru/p?ssp=sp&id=0100007F05AEFA60C602F067023B3B3B
https://www.acint.net/match?dp=111&euid=abc8aa97-3063-4ed7-89dd-e39e69a10e7f

43 B
269 B

39ms
39ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=abc8aa97-3063-4ed7-89dd-e39e69a10e7f
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 23 Jul 2021 11:54:46 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=abc8aa97-3063-4ed7-89dd-e39e69a10e7f
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.37
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ Frame CA45 0
440 B 251ms
83ms Image
text/plain 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

EjqDcV2MSea6w85ao05Kvg
an.yandex.ru/setud/mts_banner/ Frame CA45
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F05AEFA60C602F067023B3B3B
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&ssp=sape&exu=0100007F05AEFA60C602F067023B3B3B
https://tech.rtb.mts.ru/?dsp_uid=123a8371-5d8c-49e6-bac3-ce5aa34e4abe&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FEjqDcV2MSea6w85ao05Kvg%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/EjqDcV2MSea6w85ao05Kvg?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&sign=2265418160

43 B
176 B

62ms
61ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/EjqDcV2MSea6w85ao05Kvg?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&sign=2265418160

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:47 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 11:54:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 23 Jul 2021 11:54:47 GMT

Redirect headers

Date: Fri, 23 Jul 2021 11:54:47 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/EjqDcV2MSea6w85ao05Kvg?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D123a8371-5d8c-49e6-bac3-ce5aa34e4abe&sign=2265418160
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame CA45
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=99b11c1a-807e-4771-6559-00e306c5bb72

43 B
269 B

40ms
39ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=99b11c1a-807e-4771-6559-00e306c5bb72
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=99b11c1a-807e-4771-6559-00e306c5bb72
date: Fri, 23 Jul 2021 11:54:46 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame CA45
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F05AEFA60C602F067023B3B3B
https://www.acint.net/match?dp=127&euid=IOTpm88GTesYPJSEGjQZ

43 B
269 B

39ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=IOTpm88GTesYPJSEGjQZ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 23 Jul 2021 11:54:46 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=IOTpm88GTesYPJSEGjQZ
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame CA45 0
215 B 255ms
83ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Jul 2021 11:51:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F05AEFA60C602F067023B3B3B
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame CA45 0
188 B 245ms
85ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame CA45
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F05AEFA60C602F067023B3B3B
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F05AEFA60C602F067023B3B3B&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=50615288CA9D7630BB5E&back=STOP

0
433 B

79ms
79ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=50615288CA9D7630BB5E&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:46 GMT
last-modified: Fri, 23 Jul 2021 11:54:45 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 23 Jul 2021 11:54:45 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=50615288CA9D7630BB5E&back=STOP
Date: Fri, 23 Jul 2021 11:54:48 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame CA45
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F05AEFA60C602F067023B3B3B
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiG3OqHBlIFrbKc-w9iIDAxMDAwMDdGMDVBRUZBNjBDNjAyRjA2NzAyM0IzQjNC
https://sync.bumlam.com/?src=sap1&s_data=CAIQABiG3OqHBmIgMDEwMDAwN0YwNUFFRkE2MEM2MDJGMDY3MDIzQjNCM0KiARDGa8EE66wR66bpACWQyCQ3

0
523 B

30ms
30ms

Image
text/html

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQABiG3OqHBmIgMDEwMDAwN0YwNUFFRkE2MEM2MDJGMDY3MDIzQjNCM0KiARDGa8EE66wR66bpACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Server: nginx
ETag: c66bc104-ebac-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQABiG3OqHBmIgMDEwMDAwN0YwNUFFRkE2MEM2MDJGMDY3MDIzQjNCM0KiARDGa8EE66wR66bpACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0100007F05AEFA60C602F067023B3B3B
an.yandex.ru/mapuid/sapeis/ Frame CA45
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B
https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B?redir-setuniq=1

43 B
108 B

51ms
51ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:46 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 11:54:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 23 Jul 2021 11:54:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:46 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 11:54:46 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F05AEFA60C602F067023B3B3B?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 23 Jul 2021 11:54:46 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 9A14 187 B
404 B 112ms
93ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.acint.net/

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6734b742bc3e4a79-FRA
content-encoding: gzip

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 9A14 20 KB
7 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af705d0258809a85166f697f19b2ba882f9c8de4d89d3d39052d0127b1a4e9a5

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 10 Jul 2021 08:03:25 GMT
server: cloudflare
age: 8
etag: "80c45f6275d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6734b7435d6b4a79-FRA
content-length: 6672

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 9A14 43 B
389 B 260ms
98ms Image
image/gif 88.212.233.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F05AEFA60C602F067023B3B3B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.1 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 11:54:35 GMT
Server: nginx/1.14.1
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame CA45 15 KB
16 KB 170ms
170ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=552791380504963
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Last-Modified: Fri, 23 Jul 2021 09:08:19 GMT
Server: nginx
ETag: "60fa8703-3db4"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15796

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 754F 67 B
550 B 26ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 12:06:16 GMT
x-content-type-options: nosniff
server: cafe
age: 85709
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 23 Jul 2021 12:06:16 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/ Frame B963 3 KB
1 KB 24ms
9ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65b24197b8dcf2335268348d54e8b423fc0ac8920294313fe535c8c142172dcc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9683792992714686608/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1309
date: Mon, 19 Jul 2021 19:06:23 GMT
expires: Tue, 19 Jul 2022 19:06:23 GMT
last-modified: Thu, 15 Apr 2021 13:45:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 319702
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F335 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce5EqBa76YIfKE8ST-wa075TwAfzTisJjjriWy80NpqDA4ngQASCItMMEYJUCoAH_hK3tA8gBCagDAcgDSKoEzAFP0BKh7vqThZKvwtFsLHSLyei1LERQtogIC6WW7QHMN6-SJNv--GZJyShIGmGDxrajiGN-GCab2BUQ0yY2qmjw7LKrHKLImrOV9eDln-MyAaKwA6p28NVQ7d6mM7PrrJAadufhUUfFIb13QvZpU1lHoyZtv9DskmR8cnZQ1yn6NRnAOB_Y5L8eNvW4zO-l2aFFNAr_hrtkowtbax8WIshMPUw9gpc49l7qwkksmtzfyy5jFNKezjHcIiXHuF6aoQd4eOxQZGv8gwIVk5vABISAx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEJD7mgHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNjU4NTc2MDcxMDA1NDkwMg&sigh=30SSU6cLqzY&template_id=419

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Jul 2021 11:54:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame F335 18 KB
7 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:52:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame F335 2 KB
1 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:51:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F335 124 KB
37 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867014740240"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame F335 14 KB
6 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:53:59 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/ Frame A572 3 KB
1 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acee0cf17dccc2ca75ae63faae461d2e7ce00899ae95f86b9c177b98e2cb0ed7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3241615405139317977/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1311
date: Tue, 20 Jul 2021 00:43:24 GMT
expires: Wed, 20 Jul 2022 00:43:24 GMT
last-modified: Thu, 15 Apr 2021 13:46:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 299481
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34CC 0
0 45ms
43ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COfbeBa76YOTgFOG5zAbaw764CfzTisJj3tmVy80N7-bz_QgQASCItMMEYJUCoAH_hK3tA8gBCagDAcgDSKoE3gFP0LZkdgrUbShJis8dGr1HAp9r7qj0YqnNC3WGL04xxu6nbZN-AN8E3WH-Dn6_D8AHtGXBBtWsV4VPeNb8z5twwKA0sMyWbGw4pYC2sxP1QHFaCKsv5rB6dip6VLiqJXYCCk1S__t2cb7dPGzAHl_mrIMlTYk2UEFGMxtbD-YGLNwUtPQduG_Kmw9DlDh7_1o9tdavk46YHbTUZ9hZysU052vR-gDG8UfGbj69Yi6RPhB5W62dylJ9p_r88LD7AvhteDE5EqDXvQln2M9G1I93Cxq4bH3b-d9wmInjF3jABNz_xsL4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJK9VNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02NTg1NzYwNzEwMDU0OTAy&sigh=uXgdwT54DqI&template_id=419

Requested by

Host: www.fin.org.ua
URL: http://www.fin.org.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Jul 2021 11:54:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 34CC 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:52:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 34CC 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:51:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34CC 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626867014740240"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 23 Jul 2021 11:54:45 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 34CC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Aug 2021 11:53:59 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0600 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm5wyNY5rz0wjhSS6HjgkAz5q5KWs5dGnUIJHELTtZ3IvHacAiVBdAH-_1oHgU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=8556992930&adk=3279767743&adf=1155252437&pi=t.ma~as.8556992930&w=893&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=893x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285206&bpp=2&bdt=446&idt=91&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=NVYXnpiOGr&p=http%3A//www.fin.org.ua&dtd=99

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 23 Jul 2021 11:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F335 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d28eec532f73c39319f8e32a17a2d233353fdda8569749a9ab9f929f54876fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A4A7 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm5wyNY5rz0wjhSS6HjgkAz5q5KWs5dGnUIJHELTtZ3IvHacAiVBdAH-_1oHgU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6585760710054902&output=html&h=280&slotname=6426147495&adk=616998558&adf=1180739716&pi=t.ma~as.6426147495&w=360&fwrn=4&fwrnh=100&lmt=1627041284&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fwww.fin.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1627041285208&bpp=1&bdt=448&idt=114&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C893x280&nras=1&correlator=2190829158392&frm=20&pv=1&ga_vid=251153878.1627041285&ga_sid=1627041285&ga_hid=2015113779&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=953&ady=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=4301841883924663&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=HwI5K59rqM&p=http%3A//www.fin.org.ua&dtd=117

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 23 Jul 2021 11:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B963 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Jul 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B963 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Jul 2021 12:37:33 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B963 236 KB
63 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jul 2021 11:54:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame B963 84 KB
30 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Jul 2022 11:07:23 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/ Frame B963 298 KB
41 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ccf811e1699be57a8d36d2ea347c5f9ca6897d0ffa6dc8677e21c4f80dfeb31

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 289106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42033
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:45:56 GMT
server: sffe
date: Tue, 20 Jul 2021 03:36:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:36:20 GMT

GET
DATA 200
OK truncated
/ Frame 34CC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bdc1f7a798f0ac3d0f8f4f68306f73bcda348b2c8d2c85487718000b9729a25

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A572 9 KB
3 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Jul 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A572 26 KB
10 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 23 Jul 2021 12:37:33 GMT

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A572 236 KB
63 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jul 2021 11:54:46 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame A572 84 KB
29 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Jul 2022 11:07:23 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/ Frame A572 175 KB
23 KB 16ms
8ms Script
application/x-javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf29c6c1101cf52657bf4dc5e2190f7cb44f13581dda543c7845f46904e5b264

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 251157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23711
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:46:13 GMT
server: sffe
date: Tue, 20 Jul 2021 14:08:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:08:49 GMT

GET
H3-29 200 index_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/ Frame B963 4 KB
4 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9683792992714686608/index_atlas_.png?1584532320842

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c393c26245592b719dd4e16cbc787c4a9fa0239f9b6402a7fc2af109e26fce0b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 270505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4045
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:45:56 GMT
server: sffe
date: Tue, 20 Jul 2021 08:46:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 08:46:21 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0600
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm5wyNY5rz0wjhSS6HjgkAz5q5KWs5dGnUIJHELTtZ3IvHacAiVBdAH-_1oHgU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Jul 2021 11:54:46 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 23-Jul-2021 12:54:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 11:54:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Jul 2021 11:54:46 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/ Frame A572 366 B
393 B 7ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3241615405139317977/index_atlas_.png?1583930285087

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf22c770b8efd337825b8c95b64243ff1ee5037015dfd8d85f7fe2248df54c26

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 321835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:46:13 GMT
server: sffe
date: Mon, 19 Jul 2021 18:30:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:30:51 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A4A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
16ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm5wyNY5rz0wjhSS6HjgkAz5q5KWs5dGnUIJHELTtZ3IvHacAiVBdAH-_1oHgU; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Jul 2021 11:54:46 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 23-Jul-2021 12:54:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Jul 2021 11:54:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Jul 2021 11:54:46 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B963 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A572 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame CA45 49 B
603 B 204ms
204ms Image
image/gif 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=443943104437745.689143756212664&a=77&e=0100007F05AEFA60C602F067023B3B3B&pref=http%3A%2F%2Fwww.fin.org.ua%2F&c=ss:77.up:0100007F05AEFA60C602F067023B3B3B.sync:up.xdua:du_gIWE3huyderhmmYvrKKJ4.xps:xpsfngi4v8NgVAdFqnc298VLh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 96
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame CA45 49 B
602 B 285ms
98ms Image
image/gif 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=443943104437745.592696805707276&a=77&e=0100007F05AEFA60C602F067023B3B3B&pref=http%3A%2F%2Fwww.fin.org.ua%2F&c=ss:77.up:0100007F05AEFA60C602F067023B3B3B.sync:up.xdua:du_gIWE3huyderhmmYvrKKJ4.xps:xpsfngi4v8NgVAdFqnc298VLh.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 11:54:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 6
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bea638291294a0310f9cb57be59995a7995a0f138fe4606b51fd4c2579341057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Jul 2021 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8462
x-xss-protection: 0

GET
H3-29

200

/
www.facebook.com/login/ Frame 0A68
Redirect Chain

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d734018cf27ec%26domain%3Dwww.fin.org.ua%26ori...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...

0
0

96ms
96ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d734018cf27ec%2526domain%253Dwww.fin.org.ua%2526origin%253Dhttp%25253A%25252F%25252Fwww.fin.org.ua%25252Ff9037ab62063d8%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D227%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffin.org.ua%26locale%3Duk_UA%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D230

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/all.js?hash=189ee950a414e4903a341e3ca89a2a99

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d734018cf27ec%2526domain%253Dwww.fin.org.ua%2526origin%253Dhttp%25253A%25252F%25252Fwww.fin.org.ua%25252Ff9037ab62063d8%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D227%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffin.org.ua%26locale%3Duk_UA%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D230
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ncNsEUwjIk8JDdEETt3nLMQlXQ6ly+pm9b9OIGTZ7zdY8j/NzPHvBDuCbRC3vb7XsM/VB7CMJ8q+yYkWmy1rAg==
date: Fri, 23 Jul 2021 11:54:47 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d734018cf27ec%2526domain%253Dwww.fin.org.ua%2526origin%253Dhttp%25253A%25252F%25252Fwww.fin.org.ua%25252Ff9037ab62063d8%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D227%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffin.org.ua%26locale%3Duk_UA%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D230
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mMfmVRfVlMlRb9kKUL2fRQRnxj+IzgyK/gspUH0G2+o2HIqB+2HpHz5WwdPyF8Hfo5hT6kck7vmZ7LCHaa+sFA==
content-length: 0
date: Fri, 23 Jul 2021 11:54:47 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 23 Jul 2021 11:54:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4862 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 23 Jul 2021 11:26:57 GMT
expires: Sat, 23 Jul 2022 11:26:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B38 783 B
779 B 19ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d70a275c82944f65208b3c2ad33690f6fd13a044e472cfc751de7431ca45518

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IAftmE3gfB7IuJEOSb4jgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fin.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.fin.org.ua/

Response headers

expires: Fri, 23 Jul 2021 11:54:47 GMT
date: Fri, 23 Jul 2021 11:54:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IAftmE3gfB7IuJEOSb4jgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4862 34 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 00:44:08 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=4301841883924663&bg=!CQqlCk7NAAbnC78O5ws7ACkAdvg8WtHds3NU9RHw9d7lVbQjgdS2BmY-WnnipiY9ipYisraECKsR7AIAAABwUgAAAA1oAQcKAMKtMpUvQgHtk_qGJYKSOUOO2hY59k5v621_ww0vzKFT3K7K3BZ9zqvvRZvl4wzZ6eHgX6KxB4z1HoXnCWpP_c3hmowtZ_5-q_yqJjz-Z3qQieRtgStBjM9EeO42N_yShdgVejWV3z9OZznBceYbZczCe-1qpLx5gaOPIZsN_LTPFOyt0LVn2yPTw2DcebLkt3tzhOSSDcgQJ-EqI6CdBvAVArBPdJpsZF-t2i5uLcsUQwCNa_EEosaMUv7G7sEK-cwqW5kCgu3Vjdn02EJokX3ZwWgORXbUjApTJKt_ismY22W-ukKn3HRp565Zp_UGr5lSK62aNZ_vCFxKEEL9qoCef3EFfyWzrKbzRo86DXE0k8WPMLXJBGWvZ7UsHUlzytLzoQGZgaF3B97HmfF5NtLQs5c9IG1JyZjeXAsjyRRtdVYhiC-r1dXw5ahmTs4vSZyeL2EWAui4x-XnRnVWD2qlnZY0BaXCOIqkZgLmgRtCsHRB1fCUtcI-BCfwUEDF_PED6ZosdHAPPIid0312YFJUWHXjP_-8RTewECnRlsNGcC5BwhLlHMK7WuoOTI4ul54em23F6d-C7BTyAJ73zLNtvAloUCytaKqUWOJ6N3atL-r2Tyz1CfqxoPnPANMF8YqsBryOHEJG1Sd0vLshcCIh2QS-bDNHdmj_CC9DmUdoRtXSlnBo7S7SHpkvpkNA5NHVYn-I37FaxFIBQB5GP7tsjx_Gu1KyYgX0jP3Ambyvn2dFX8E3m1xJAo7SyjSVNma3B6BVKQdcbOQ9hYZr0xJtzXGwSTWWj58_JOB5mbw2fFTVKBNebGx_FohWYkLucGMu4PLb8n1RXWcRNAYK9tf0nSEl5q4NFP7vex5qxOBABTiO_yqP5Ot8qJS9HdONPEezDyv3M5STqN3aKomRZ4JomCP7xBYRBOzdbmSYwPx4auxC66eFm8fs6wb4mPOG-FfsmfLheTv3ieokrr6YDNE5UeaTRNQeDe3oSmwOSaZvRHIIOUx4yFzNx-RfLZ0FwFo5Y6CVKm60rUoT4QyhfHSUlQhS1UR3Vip1LGaFLbMrAJkNgQixQBa730rVedIVYssYrIDqMyLTYksTUSQkmNebCnEIIIDZ1g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 11:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374
https://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374

43 B
340 B

38ms
38ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.fin.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 11:54:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=03440268-8454-42b3-8ac2-4e414d5550e1&dp=10&tz=%2B02%3A00&nc=15563287&dT=2021-07-23T13%3A54%3A48.374
Date: Fri, 23 Jul 2021 11:54:48 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp151 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp144 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp138 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp127 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp126 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp125 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp107 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp149 Value: 1627041285
.acint.net/	1970-01-19 20:17:30	Name: cSyncDp104v2 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp95v2 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp88 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp84 Value: 1627041285
.acint.net/	1970-01-19 20:17:30	Name: cSyncDp111v2 Value: 1627041285
.acint.net/	1970-01-19 20:17:30	Name: cSyncDp77 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp67v2 Value: 1627041285
.acint.net/	1970-01-19 19:58:47	Name: cSyncDp45v3 Value: 1627041285
www.fin.org.ua/	1969-12-31 23:59:59	Name: b Value: b
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp32 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp14v3 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp17 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp7v2 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp112v2 Value: 1627041285
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWD6rgVn8ALGOzs7Alwxay5PBo7Jn/425XQjdZcxy5Qe
.fin.org.ua/	1970-01-20 13:28:33	Name: _ga Value: GA1.3.251153878.1627041285
.doubleclick.net/	1970-01-19 19:57:22	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp54v2 Value: 1627041285
.doubleclick.net/	1970-01-19 19:57:24	Name: DSID Value: NO_DATA
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp85 Value: 1627041285
.doubleclick.net/	1970-01-20 05:18:57	Name: IDE Value: AHWqTUm5wyNY5rz0wjhSS6HjgkAz5q5KWs5dGnUIJHELTtZ3IvHacAiVBdAH-_1oHgU
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp101 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp68 Value: 1627041285
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp136 Value: 1627041285
www.fin.org.ua/	1978-01-11 21:31:40	Name: fid Value: 9809dd8e-4ac0-4a23-ae0f-7d8c3691de1e
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp62 Value: 1627041285
.fin.org.ua/	1970-01-19 19:57:21	Name: _gat_gtag_UA_23003254_1 Value: 1
www.fin.org.ua/	1969-12-31 23:59:59	Name: hotlog Value: 1
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp53 Value: 1627041285
.acint.net/	1970-01-19 19:57:21	Name: test_cookie Value: CheckForPermission
.advarkads.com/	1970-01-20 13:28:33	Name: u Value: EAJjNQ8K20S5DsgaMKZ54w
.acint.net/	1970-01-19 20:40:33	Name: cSyncDp146 Value: 1627041285
.fin.org.ua/	1970-01-19 19:58:47	Name: _gid Value: GA1.3.1864081326.1627041285
.fin.org.ua/	1970-01-20 05:18:57	Name: __gads Value: ID=2d96ac3ab39ab844-229f41f78ac8000f:T=1627041285:RT=1627041285:S=ALNI_MYBGfuJcG7qJSmd-FJ2OjtqOREGtg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f05aefa60c602f067023b3b3b-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
ajax.googleapis.com
an.yandex.ru
api.advarkads.com
c.bigmir.net
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fin.org.ua
googleads.g.doubleclick.net
hit4.hotlog.ru
match.new-programmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s0.2mdn.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
stats.g.doubleclick.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.facebook.com
www.fin.org.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.raskrutka.kiev.ua
x01.aidata.io
109.248.237.37
116.202.51.238
136.243.148.229
142.250.184.226
142.250.186.98
144.76.118.200
148.251.4.142
185.15.175.146
185.15.175.159
188.34.131.132
188.42.191.196
193.106.93.124
193.232.148.143
193.239.68.97
194.190.117.93
195.201.243.71
195.209.108.48
213.87.44.187
217.65.2.150
217.66.147.169
2606:4700:10::6816:557
2606:4700:20::681a:5db
2a00:1148:db00::17
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9c
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.23
37.9.245.57
80.64.106.147
81.222.128.215
88.212.201.198
88.212.233.36
89.108.119.43
89.108.97.2
89.208.236.251
91.194.250.152
91.201.40.117
93.95.102.105
95.163.37.253
95.211.66.35
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a
0ccf811e1699be57a8d36d2ea347c5f9ca6897d0ffa6dc8677e21c4f80dfeb31
0d0c4c49d70cbfea5757cc59709abd660834a76b6fbea24cb71cea03cc70a4d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1d28eec532f73c39319f8e32a17a2d233353fdda8569749a9ab9f929f54876fe
1d70a275c82944f65208b3c2ad33690f6fd13a044e472cfc751de7431ca45518
212a09e0de6dd5d7386943f2fbef7c22eb8f4bbaf7726c449cdb258fb563691b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c70513709745e840a790d64eb67b9704e694f7f9ae00cb678df1f353f321656
33ea7dc9a4fcb695a6a81394aa00fab5959bc2f18f5ede936653c480ec9c2e18
397733364041c86da6e5df0150e120e3b642bb91b2edb6b0fa7f2661cfb1e122
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55bf0956eb40ccf33045ceb14eeec80afc80001ba86ee5e20e0c0fbdd1ed1c8c
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5f055a38dfe4fb914342922145eb626a9dc3a06b6cecee4468f5b8ee1c9955ef
65b24197b8dcf2335268348d54e8b423fc0ac8920294313fe535c8c142172dcc
6bdc1f7a798f0ac3d0f8f4f68306f73bcda348b2c8d2c85487718000b9729a25
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6
76a06227945b3f8215623543deed9aef209aad313f90eb1ab3b7ed367d0c238c
79b8b1265a3a74aac5968eca857f658af783805e09140f7445954ba9164cbe0c
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7d09a5983cc6e4c5709fff524cf483d7644c852cbb3b80fdabe79c86e19506b7
809515d91f2005f2324652df8c9e3cca812e5de11f490245782defa8ab6e2581
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88058e95ae40e8ac92d82594b18ab6e8160a5144aa37d785c8540a0ff991ee95
8a4d5f5f2ea403742aeb299ce8efe6ab0dfb7daf1a8c30822f73a7e76833fc83
8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a64563864e236b918455857be4b2d0ceb719467c5fcb125c81fa339463c59804
a757c1b01e1d7a35d25c2b602a444dc15feec5cc87aff2fbbd07d22752d5de56
acee0cf17dccc2ca75ae63faae461d2e7ce00899ae95f86b9c177b98e2cb0ed7
af705d0258809a85166f697f19b2ba882f9c8de4d89d3d39052d0127b1a4e9a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bea638291294a0310f9cb57be59995a7995a0f138fe4606b51fd4c2579341057
bf22c770b8efd337825b8c95b64243ff1ee5037015dfd8d85f7fe2248df54c26
bf29c6c1101cf52657bf4dc5e2190f7cb44f13581dda543c7845f46904e5b264
c393c26245592b719dd4e16cbc787c4a9fa0239f9b6402a7fc2af109e26fce0b
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df063f20b20b439f1e96d69ddecbe17c3c5dae63f1bc617a531be38a30d4a786
e32f51096551cf56d8593fad5c9963ff762e4028a80721d70e14a7a2e82adf82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed2bdaefc26c768afe8d900127025c28f1262517f8cb015b7fbd62201426f23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d37d9d015cc4ea45a0431be12a5e5306349f5fc328e9cf704bbc629053fc75

www.fin.org.ua Open in urlscan Pro 91.201.40.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

89 %HTTPS

34 %IPv6

48 Domains

59 Subdomains

41 IPs

7 Countries

1179 kBTransfer

3227 kBSize

42 Cookies

7 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fin.org.ua Open in urlscan Pro
91.201.40.117 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

89 %
HTTPS

34 %
IPv6

48
Domains

59
Subdomains

41
IPs

7
Countries

1179 kB
Transfer

3227 kB
Size

42
Cookies

108 HTTP transactions
2 data transactions