bus.com.ua Open in urlscan Pro
193.243.159.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bus.com.ua/
Submission: On January 05 via api (January 5th 2023, 5:25:18 am UTC) from TR — Scanned from DE

Summary HTTP 158 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 25 domains to perform 158 HTTP transactions. The main IP is 193.243.159.4, located in Ukraine and belongs to VINNEST-AS VinNest ISP Autonomous System, UA. The main domain is bus.com.ua. The Cisco Umbrella rank of the primary domain is 105202.

This is the only time bus.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	193.243.159.4 193.243.159.4	28750 (VINNEST-A...) (VINNEST-AS VinNest ISP Autonomous System)
25	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	193.243.159.5 193.243.159.5	28750 (VINNEST-A...) (VINNEST-AS VinNest ISP Autonomous System)
1 2	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.201.116.4 193.201.116.4	29663 (SNU) (SNU)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.34.117 3.126.34.117	16509 (AMAZON-02) (AMAZON-02)
1 14	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.29.52.153 52.29.52.153	16509 (AMAZON-02) (AMAZON-02)
158	29

19 193.243.159.4 (Ukraine)

ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA)
PTR: sm.bus.com.ua

bus.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.243.159.5 (Ukraine)

ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA)
PTR: ssl.bus.com.ua

ticket.bus.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.201.116.4 (Ukraine)

ASN29663 (SNU, UA)
PTR: www.secondary.net.ua

secondary.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.34.117 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-34-117.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.19.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.52.153 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-52-153.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 187	699 KB
33	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	303 KB
22	bus.com.ua bus.com.ua — Cisco Umbrella Rank: 105202 ticket.bus.com.ua	53 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	197 KB
11	google.com 2 redirects translate.google.com — Cisco Umbrella Rank: 2106 adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	29 KB
6	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1422 fonts.googleapis.com — Cisco Umbrella Rank: 127	215 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	264 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	824 B
3	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 113835 i.bigmir.net — Cisco Umbrella Rank: 202250	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	968 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	958 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 996	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	838 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1172	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	917 B
2	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 103	17 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	464 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11371	557 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2379	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1004	464 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	1 KB
1	secondary.net.ua secondary.net.ua — Cisco Umbrella Rank: 822058	895 B
158	25

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
25	pagead2.googlesyndication.com	bus.com.ua pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	bus.com.ua	bus.com.ua ticket.bus.com.ua
14	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.gstatic.com	bus.com.ua translate.googleapis.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	bus.com.ua googleads.g.doubleclick.net securepubads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net bus.com.ua
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	onetag-sys.com	2 redirects
3	ticket.bus.com.ua	bus.com.ua ticket.bus.com.ua
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	translate.googleapis.com
2	www.google-analytics.com	1 redirects bus.com.ua
2	translate.google.com	1 redirects bus.com.ua
2	c.bigmir.net	1 redirects bus.com.ua
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	bus.com.ua
1	i.bigmir.net	bus.com.ua
1	cdn.jsdelivr.net	bus.com.ua
1	secondary.net.ua	bus.com.ua
158	36

This site contains links to these domains. Also see Links.

Domain
ticket.bus.com.ua
rail.bilet-ua.com
forum.bus.com.ua
avtotrans.kr.ua
www.rivnepas.com
zakavto.com.ua
ks.bus.com.ua
www.orangeline.net.ua
www.mexico-blog.info
crr.bus.com.ua
infobus.ua
www.bigmir.net
secondary.net.ua

Subject Issuer	Validity	Valid
*.bus.com.ua Sectigo RSA Domain Validation Secure Server CA	`2021-12-23` - `2023-01-22`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://bus.com.ua/
Frame ID: D5911F80C87F046CB94048CE45BA795F
Requests: 48 HTTP requests in this frame

Frame: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Frame ID: BF1D385D631C462E8E9820C709EED511
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312092&bpp=13&bdt=259&idt=273&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=5078550836550&frm=20&pv=2&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=R5icPgvDJJ&p=http%3A//bus.com.ua&dtd=303
Frame ID: AE8B666282B59C9D2CC570114885A13E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&adk=2424164121&adf=3981000633&w=160&lmt=1672896312&format=160x90_0ads_al_s&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312107&bpp=4&bdt=274&idt=297&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=13&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Cebr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AIp4PVxecW&p=http%3A//bus.com.ua&dtd=300
Frame ID: C5238095238F532F3389E75E060C05AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312118&bpp=21&bdt=285&idt=298&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=642ZyMe2nt&p=http%3A//bus.com.ua&dtd=303
Frame ID: 1244726E2DD91B94A405AABBB74E5786
Requests: 16 HTTP requests in this frame

Frame: https://e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A56203CADEFC4431ACF22791494F548
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6ABEA96FF7415E7C831801FAAB76686E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8oRuW075JHHpqgaGuAeNFRcOQBbI8oX211YdxBIAgpC4eW_fKgU-CZ5Em0U42HT_8Q-0xmKWKvOQoPGOF3yT229Kp56la3oBT1uv3gA2Erx9ySyb8GcG99f7WkXM4A0ujOW97Iy1iSDPNq6Ne4RCW8GJsKrZZZ3IckRcVqbP783SNdvNCwnxOXr6Tn5_7q2MKPTVMdTJNlRKA9nAj4r4Jm_NEZhnCHdEkGn9h6aGmVHjNBDPWhdOnj1McRxFF7HEUWhxXC5aQbRonEMFiIg6KPYhllu3b4yG8xZrFlCczGwfTnmf4sdw&sai=AMfl-YRKibdU9-HgIhr7ABsNdRPwP7gXEb7c3RpIjrT04ySAvadMnJ52LnkEa3ylBi8Cuh-SB7RnrIsZpmYc79lCM3YfM6E5pXXe9cOJAb8QIq_8IRqu48IZCjC08JsXHvmQbVzmsuPeoV2ZIC3xj5zNvQ&sig=Cg0ArKJSzMeQrXTmFAOeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D38BD6056B42F0503A78093CA07F31C1
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: B820CD30D26CA3AE1032138AE0169AC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 2CB8174C3660DD6DCFDE9A1FC24035F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231
Frame ID: 50705A74653DEEF3D8AF63FC0BCC7B0D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 83668629FA5CAC36C4E132F6D8756B34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27E393F34B4B98E3B777A1DDB2D28D27
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F19A4499A323EE685418975A7E0C2AE6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 9854DEBA910DBD37D5C767247BCB27CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&adk=1812271804&adf=3025194257&lmt=1672896314&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&pra=7&wgl=1&dt=1672896314350&bpp=3&bdt=2517&idt=3&shv=r20230103&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67913d6c3c930b57-222e8bc007db00dc%3AT%3D1672896312%3ART%3D1672896313%3AS%3DALNI_MZft_-QfG5oa_B20HKKca1n_RwTcg&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726%2C6055777524&nras=1&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&psts=ACgb8tv-aLVOreyYk_j_6qFPatrQFTv08LIAtnNzDXCq0H7GGUmT06Z4iVgPtnBl3j_oPdJTulPrGUB9vKvfy1uJ%2CACgb8tt4qD9ezROOiLmVNBoBn3Yy0_KwNBaMDPk7bTYmYt3M8G3UmANMSEODlnIuXnBzcVHOMcyuILeQuaTUWep2zQ&pvsid=1730214973276069&tmod=1611996638&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=13
Frame ID: D3A9BC521982068F98AED61F97066449
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 968477509BFB09FBE72C698DC9CBD4FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 449A751B3A3F437093EFA44F36002929
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40754C927DB65C5EB7A5BE1FFE07AED3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CABA30EB4A2EAD4C5079B2AD1BA37610
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: E429694C9C3F92BB6AE01B1B90D5A69B
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AB96F4FD47B1E0EDABC23083BB877EF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 2BF58EF75C33AF633DDBE89FAB31DCAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Расписание автобусов по Украине. Автовокзалы городов Украины. Заказ автобусных билетов.

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

158
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

36
Subdomains

29
IPs

8
Countries

1783 kB
Transfer

4358 kB
Size

27
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://ticket.bus.com.ua/order
Title: Оплата билетов на автобус через Интернет

Search URL Search Domain Scan URL

URL: http://ticket.bus.com.ua/
Title: Купить билет на автобус, оплата банковской карточкой

Search URL Search Domain Scan URL

URL: https://rail.bilet-ua.com/
Title: Залізниця. Наявність вільних місць, купівля квитків

Search URL Search Domain Scan URL

URL: http://forum.bus.com.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: http://forum.bus.com.ua/?op=viewmsgs&tid=43
Title: Why Russian?

Search URL Search Domain Scan URL

URL: http://avtotrans.kr.ua/
Title: Кировоград

Search URL Search Domain Scan URL

URL: http://www.rivnepas.com/
Title: Ровно

Search URL Search Domain Scan URL

URL: http://zakavto.com.ua/
Title: Ужгород

Search URL Search Domain Scan URL

URL: http://ks.bus.com.ua/
Title: Херсон

Search URL Search Domain Scan URL

URL: http://www.orangeline.net.ua/
Title: Поисковая оптимизация сайтов

Search URL Search Domain Scan URL

URL: http://www.mexico-blog.info/
Title: Мексика-блог - Мексика - вид с изнанки. Такого вам больше нигде не расскажут;)

Search URL Search Domain Scan URL

URL: http://crr.bus.com.ua/
Title: сервер для автоперевозчиков

Search URL Search Domain Scan URL

URL: http://infobus.ua/18-onlineticket.html
Title: Автобусная справочная служба - VIP обслуживание

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/?cl=3550

Search URL Search Domain Scan URL

URL: http://secondary.net.ua/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://translate.google.com/translate_a/element.js?cb=TranslateInit HTTP 301
https://translate.google.com/translate_a/element.js?cb=TranslateInit

Request Chain 28

http://c.bigmir.net/?s3550&t6&c1&d24&r1600 HTTP 302
http://i.bigmir.net/cnt/06.gif

Request Chain 29

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 31

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1927242005&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%90%D0%B2%D1%82%D0%BE%D0%B2%D0%BE%D0%BA%D0%B7%D0%B0%D0%BB%D1%8B%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B.%20%D0%97%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BD%D1%8B%D1%85%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D0%BE%D0%B2.&utmhid=1184560748&utmr=-&utmp=%2F&utmht=1672896312310&utmac=UA-8590699-1&utmcc=__utma%3D150504101.1836246683.1672896312.1672896312.1672896312.1%3B%2B__utmz%3D150504101.1672896312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1049308464&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1927242005&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%90%D0%B2%D1%82%D0%BE%D0%B2%D0%BE%D0%BA%D0%B7%D0%B0%D0%BB%D1%8B%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B.%20%D0%97%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BD%D1%8B%D1%85%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D0%BE%D0%B2.&utmhid=1184560748&utmr=-&utmp=%2F&utmht=1672896312310&utmac=UA-8590699-1&utmcc=__utma%3D150504101.1836246683.1672896312.1672896312.1672896312.1%3B%2B__utmz%3D150504101.1672896312.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1049308464&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=1836246683.1672896312&jid=1049308464&_v=5.7.2&z=1927242005

Request Chain 104

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9kjx5Yt0QJLGU50QjXVDLbO2l2LRC52Ne1ISTELibYiSMN78gYUYE8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9kjx5Yt0QJLGU50QjXVDLbO2l2LRC52Ne1ISTELibYiSMN78gYUYE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0ZxWGRTbzUxUGRpS0M1&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9kjx5Yt0QJLGU50QjXVDLbO2l2LRC52Ne1ISTELibYiSMN78gYUYE8

Request Chain 105

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0NoR1sZv8HSHMUvQj5OsqqsM5SG7YdiE1bOCifqs5bgwvzH_TXsh6qGplrkvFlRdUvAnu5GUMCiqk7ZFwW99-_0RjN6npU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_push=AavPq0NoR1sZv8HSHMUvQj5OsqqsM5SG7YdiE1bOCifqs5bgwvzH_TXsh6qGplrkvFlRdUvAnu5GUMCiqk7ZFwW99-_0RjN6npU

Request Chain 106

https://um.simpli.fi/gp_match?google_gid=CAESECb-FmIobw-Toa1Ac1gKz0Q&google_cver=1&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI-p15645OJ9qMI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7197F10B688D459196AD5CE78D9D68B5&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI-p15645OJ9qMI

Request Chain 108

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELlW2mwasdJjF8oJONpo_gU&google_cver=1&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhNXox7VxgY8tZO_vXJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhNXox7VxgY8tZO_vXJ

Request Chain 109

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELlW2mwasdJjF8oJONpo_gU&google_cver=1&google_push=AavPq0PqufixHDVrTVEbqr1s6uMVEC-WLbiET1XYuhtV8niTyVY7sZS2gf1X33YlQQ0eXCBDOpAO3u9A73O66UsF8WLYynfgsNuocA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PqufixHDVrTVEbqr1s6uMVEC-WLbiET1XYuhtV8niTyVY7sZS2gf1X33YlQQ0eXCBDOpAO3u9A73O66UsF8WLYynfgsNuocA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0OUxeUkCnqUv6veawYtmWUKR1UVV-_7FM5dYD607vKVyN74LeI6cdqe8frgAlBjiGVuOBCM4YCannAN88EtyiTK7U5CjXjsqSqC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTdaZk9nQUFBamM4a1FBbw==&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0OUxeUkCnqUv6veawYtmWUKR1UVV-_7FM5dYD607vKVyN74LeI6cdqe8frgAlBjiGVuOBCM4YCannAN88EtyiTK7U5CjXjsqSqC

Request Chain 152

https://ads.travelaudience.com/google_pixel?google_gid=CAESEANP_tLszmQLnB1DFbeYDBo&google_cver=1&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF8EhEw4xe53-xmIH- HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I6-lFU3rTNKs4lm8vk7dow2&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF8EhEw4xe53-xmIH-

Request Chain 153

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKIDnaV1MhPMywAuNZUja-M&google_cver=1&google_push=AavPq0PFnPAMjKCSFqNOguENukyKUkasyZQo2Eso0EELXfdzrEP8TjXPihKDx7rhHbLyJcPSiajWbrsXKCw9uKQ44Kyng6dXCWTVJqLI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKIDnaV1MhPMywAuNZUja-M&google_cver=1&google_push=AavPq0PFnPAMjKCSFqNOguENukyKUkasyZQo2Eso0EELXfdzrEP8TjXPihKDx7rhHbLyJcPSiajWbrsXKCw9uKQ44Kyng6dXCWTVJqLI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xKnb8LLZQKu6_QXU2kVtIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PFnPAMjKCSFqNOguENukyKUkasyZQo2Eso0EELXfdzrEP8TjXPihKDx7rhHbLyJcPSiajWbrsXKCw9uKQ44Kyng6dXCWTVJqLI

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqKK3K-sLE3HoEiBqEm1Rw&google_cver=1&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0BUpl3sQYBIjYp2vv-mG4LzuM1eMRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlVMVctMUktSDNTTg==&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0BUpl3sQYBIjYp2vv-mG4LzuM1eMRA

Request Chain 155

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFyJQF8-Lei-H4fJpxOaHWM&google_cver=1&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-djdk0 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-djdk0&google_gid=CAESEFyJQF8-Lei-H4fJpxOaHWM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NjIyOTE2MjcxMzA1MDE2ODUyMg%3D%3D&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-djdk0

Request Chain 156

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELvPRUoxlI3f4pNZ7tHbDxE&google_cver=1&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZs96T5DrZXv6i_Mm7CRZvDu9zXr24ay HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELvPRUoxlI3f4pNZ7tHbDxE&google_cver=1&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZs96T5DrZXv6i_Mm7CRZvDu9zXr24ay&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03ZVFLQ3FSRTJ1RzNBWnhwSmlTTTRZMmF1SlBjR3lSM35B&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZs96T5DrZXv6i_Mm7CRZvDu9zXr24ay

Request Chain 157

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECSkC2ZEG6sk2MEI8JH6fu0&google_cver=1&google_push=AavPq0OffQsX2WgtIM12jGkJg9UiU1qSeyvOPr08LhZiXLcxJb5Tx4K-Qi0evEyZRYQGx0tqP4uH0FG04ogZl4wKpc4bqfC7-HKMW76x HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECSkC2ZEG6sk2MEI8JH6fu0&google_cver=1&google_push=AavPq0OffQsX2WgtIM12jGkJg9UiU1qSeyvOPr08LhZiXLcxJb5Tx4K-Qi0evEyZRYQGx0tqP4uH0FG04ogZl4wKpc4bqfC7-HKMW76x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7a8787-8219-45e1-a1da-441d91216bbb&%%GOOGLE_PUSH_PAIR%%

158 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bus.com.ua/ 59 KB
13 KB 139ms
45ms Document
text/html 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 551f7e3e145d2ebf5efad15ebb94537c40533767200e2e0d0608a605f7112ab7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=WINDOWS-1251
Date: Thu, 05 Jan 2023 05:25:11 GMT
Server: nginx/1.4.7
Transfer-Encoding: chunked

GET
H/1.1 200
OK bus.css
bus.com.ua/main/ 4 KB
2 KB 89ms
43ms Stylesheet
text/css 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/main/bus.css
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: f594be4989691157e32afa97129bad288200a19864c15ffa24d3abd5784f80e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 12:38:03 GMT
Server: nginx/1.4.7
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK lang__uk.png
bus.com.ua/main/googletrans2021/images/ 214 B
450 B 90ms
44ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__uk.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 74ffdc446645a1bb680238877a898e86c51f42ce06b82caa207884e682ccddf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-d6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 214

GET
H/1.1 200
OK lang__ru.png
bus.com.ua/main/googletrans2021/images/ 899 B
1 KB 43ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__ru.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-383"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 899

GET
H/1.1 200
OK lang__pl.png
bus.com.ua/main/googletrans2021/images/ 279 B
516 B 43ms
42ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__pl.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: bf2d21352d39531cbe6fcfdf7c79d1ab36a1f580c46cc9d436de0dc4bea7e9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-117"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279

GET
H/1.1 200
OK lang__cs.png
bus.com.ua/main/googletrans2021/images/ 432 B
669 B 90ms
45ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__cs.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: c09f1eba4042eabe754624d431fde12951731db71a048d8980d9fa0906799764

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sat, 21 Aug 2021 18:43:04 GMT
Server: nginx/1.4.7
ETag: "61214938-1b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 432

GET
H/1.1 200
OK lang__en.png
bus.com.ua/main/googletrans2021/images/ 1 KB
1 KB 119ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__en.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-4d5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1237

GET
H/1.1 200
OK lang__de.png
bus.com.ua/main/googletrans2021/images/ 302 B
539 B 374ms
288ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__de.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-12e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 302

GET
H/1.1 200
OK lang__es.png
bus.com.ua/main/googletrans2021/images/ 1 KB
2 KB 129ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__es.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-551"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1361

GET
H/1.1 200
OK bus.gif
bus.com.ua/main/ 2 KB
2 KB 82ms
45ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/bus.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 0129f2609dce9cc375972acd7328216add961d31b58da45a7b2ca3eb40807acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Wed, 01 Sep 2021 12:22:59 GMT
Server: nginx/1.4.7
ETag: "612f70a3-770"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1904

GET
H/1.1 200
OK payticket.png
bus.com.ua/images/ 668 B
905 B 77ms
42ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/payticket.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 628b1ff2d763eb9fb6d81ad38545bc3164f63e9cc096117d6bbc606e8eacfe15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Tue, 25 Aug 2009 15:08:05 GMT
Server: nginx/1.4.7
ETag: "4a93fe55-29c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 668

GET
H/1.1 200
OK order.gif
bus.com.ua/images/ 979 B
1 KB 78ms
43ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/order.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 7afa3d982e22e63528bd24faeb45ac4884bd0efd282d6bbcc43bd0793c6ddb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sat, 24 May 2003 01:05:57 GMT
Server: nginx/1.4.7
ETag: "3ecec575-3d3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979

GET
H/1.1 200
OK tablo.png
bus.com.ua/images/ 747 B
984 B 67ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 13c281d9ffb2d4bc9d8635c0f5f295af6012ee5b0a36e0f216a144e5892c74d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Tue, 31 Mar 2009 18:45:56 GMT
Server: nginx/1.4.7
ETag: "49d264e4-2eb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 747

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 91ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef753eb2207fbfb03036e589d45b8ca4084f671b0aa4b8d3184194ea546d09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4404389759110991997
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 36324
X-XSS-Protection: 0
Expires: Thu, 05 Jan 2023 05:25:11 GMT

GET
H/1.1 200
OK keyt.gif
bus.com.ua/ 132 B
368 B 44ms
44ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/keyt.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 109fd47c58f7b0aa694da65dee308ded227b25bb0c2f9c6cb89ffcec5b46fa8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Sat, 24 May 2003 01:11:24 GMT
Server: nginx/1.4.7
ETag: "3ecec6bc-84"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132

GET
H/1.1 200
OK tablo.ok.png
bus.com.ua/images/ 746 B
983 B 43ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo.ok.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 4f60c36a88cb05ebcd96a558d79ad4419a86e4f2d13313ab14b36d87ac5b0432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-2ea"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 746

GET
H/1.1 200
OK tablo-red.png
bus.com.ua/images/ 777 B
1014 B 43ms
42ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo-red.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: e99a6f0f8e700a9d1d45f7fd8e731f2899ffb5778bc8ab833eb7b629b14572ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-309"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 777

GET
H/1.1 200
OK tablo-no.png
bus.com.ua/images/ 736 B
973 B 43ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo-no.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 8c7cbc7d274513a2d809ae402522b626e2a9ed6f54ff39561ea57ac36a6a62e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-2e0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 736

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 86ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1442 / 308 of 1000 / last-modified: 1672873566"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27560
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 05 Jan 2023 05:25:11 GMT

GET
H/1.1 200
OK SecondExample.html Show response
ticket.bus.com.ua/static/partner/ Frame BF1D 1 KB
895 B 324ms
43ms Document
text/html 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 8febbb773317577fbc7318af538d7e16d901bbd3c65bf40f71de49b788fd9705

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 05:25:12 GMT
ETag: W/"c0cfc-4b9-49f284b14b880"
Last-Modified: Wed, 23 Mar 2011 15:48:34 GMT
Server: nginx/1.8.1
Transfer-Encoding: chunked

GET
H/1.1 200
OK new.png
bus.com.ua/images/ 1 KB
1 KB 79ms
43ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/new.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: aaef4bd6874180c5867c14dcbe4a06c48dcbd75cac41c0158165a69a50984699

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:11 GMT
Last-Modified: Sun, 01 Aug 2010 17:49:45 GMT
Server: nginx/1.4.7
ETag: "4c55b3b9-4d9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1241

GET
H/1.1 200
OK /
c.bigmir.net/ 594 B
849 B 80ms
40ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?s3550&t11&l1
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: bd8f6d27d87d87e58d22e0d9d740af373ed8d922aba9616e834b5a55bd763440

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:25:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK seckey.cgi
secondary.net.ua/cgi-bin/ 649 B
895 B 284ms
63ms Image
image/png 193.201.116.4
SNU

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://secondary.net.ua/cgi-bin/seckey.cgi
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.201.116.4 , Ukraine, ASN29663 (SNU, UA),
Reverse DNS: www.secondary.net.ua
Software: Apache/2.4.54 (FreeBSD) OpenSSL/1.1.1o-freebsd PHP/7.4.33 mod_auth_pgsql/2.0.3 /
Resource Hash: 57dc1c8f6e8b26c2cb6506fd038d01dd9a8ad08e6cd3dc5230679adb3200ffaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Server: Apache/2.4.54 (FreeBSD) OpenSSL/1.1.1o-freebsd PHP/7.4.33 mod_auth_pgsql/2.0.3
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 649
Content-Type: image/png

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
1 KB 32ms
11ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 05:25:11 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 39671
x-jsd-version: 2.2.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1062
x-served-by: cache-fra-eddf8230059-FRA, cache-hhn-etou8220078-HHN
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK google-translate.js Show response
bus.com.ua/main/googletrans2021/ 3 KB
4 KB 43ms
43ms Script
application/javascript 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/main/googletrans2021/google-translate.js
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 758ef9d3380afc249880e748021a7e0498df092748ca875086a44d9d8662f379

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "1a112-d18-5ca13583aef40"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3352

GET
H2

200

element.js Show response
translate.google.com/translate_a/
Redirect Chain

http://translate.google.com/translate_a/element.js?cb=TranslateInit
https://translate.google.com/translate_a/element.js?cb=TranslateInit

75 KB
26 KB

140ms
56ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b82361ffd461d66d1ed6af06af0742f2e1d9f33273ddf3572da009f0c9f6ffea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:25:12 GMT
X-Content-Type-Options: nosniff
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 163ms
46ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 17:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 17:22:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
692 B 196ms
81ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bus.com.ua

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

869a52816f64d3b93295748b7508b4a340a254133e91b7a567bf591780eb94e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:25:12 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
118 KB 155ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d798606947676c72d132d0c9cb7bb365fa28bb471bfddf57c710ad6e098a3a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119795
x-xss-protection: 0
server: cafe
etag: 15381927292356758820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:25:12 GMT

GET
H/1.1

200
OK

06.gif
i.bigmir.net/cnt/
Redirect Chain

http://c.bigmir.net/?s3550&t6&c1&d24&r1600
http://i.bigmir.net/cnt/06.gif

43 B
326 B

79ms
39ms

Image
image/gif

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/06.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 43
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:25:12 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/06.gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

127ms
39ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:21:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 223
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 05 Jan 2023 07:21:29 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK SecondExampleV2.js Show response
ticket.bus.com.ua/static/partner/ Frame BF1D 4 KB
4 KB 44ms
44ms Script
application/javascript 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/SecondExampleV2.js
Requested by: Host: ticket.bus.com.ua
URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 73f9ed5e274177267ee4a491c608b7b52a4ca9e867c35400053cc8f8cbaff386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Last-Modified: Wed, 23 Mar 2011 15:29:46 GMT
Server: nginx/1.8.1
ETag: "c0cfd-f9d-49f2807d8ce80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3997

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1927242005&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1927242005&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=1836246683.1672896312&jid=1049308464&_v=5.7.2&z=1927242005

35 B
430 B

57ms
19ms

Image
image/gif

2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=1836246683.1672896312&jid=1049308464&_v=5.7.2&z=1927242005

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 05:25:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=1836246683.1672896312&jid=1049308464&_v=5.7.2&z=1927242005
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 176ms
47ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:11:08 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/ 207 KB
207 KB 178ms
50ms Script
text/javascript 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:49:59 GMT
x-content-type-options: nosniff
age: 9313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211667
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 02:49:59 GMT

GET bus.css
bus.com.ua/main/ Frame BF1D 0
0

GET
H/1.1 200
OK SellListV2-Start_ru.utf8 Show response
ticket.bus.com.ua/static/partner/v2/ Frame BF1D 57 KB
14 KB 89ms
89ms XHR
text/plain 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/v2/SellListV2-Start_ru.utf8
Requested by: Host: ticket.bus.com.ua
URL: https://ticket.bus.com.ua/static/partner/SecondExampleV2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 737fa2060bec5738e224e6697a1a6875e5308b7a9224d63b74e27453d9141843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2023 00:37:38 GMT
Server: nginx/1.8.1
ETag: W/"c288a-e40b-5f1798203d491"
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
695 B 192ms
72ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bus.com.ua&callback=_gfp_s_&client=ca-pub-5671548447692744&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

023d5202ffe1e85673f6a55dc1e46c2bb38e5c4615c7ee792fde302510b21101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 199ms
71ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE8B 88 KB
32 KB 483ms
397ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312092&bpp=13&bdt=259&idt=273&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=5078550836550&frm=20&pv=2&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=R5icPgvDJJ&p=http%3A//bus.com.ua&dtd=303

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b6b0f5a43fb6d949fb053bdefea00cd621e03d31299e86e35b82119bfe855d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:12 GMT
expires: Thu, 05 Jan 2023 05:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C523 436 B
795 B 205ms
126ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&adk=2424164121&adf=3981000633&w=160&lmt=1672896312&format=160x90_0ads_al_s&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312107&bpp=4&bdt=274&idt=297&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=13&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Cebr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AIp4PVxecW&p=http%3A//bus.com.ua&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

304bbe88cecfacc67fcc84cf73e130587f778aede543a287721cef37b60eb9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:12 GMT
expires: Thu, 05 Jan 2023 05:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1244 86 KB
31 KB 659ms
593ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312118&bpp=21&bdt=285&idt=298&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=642ZyMe2nt&p=http%3A//bus.com.ua&dtd=303

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2979c717416f8e4a38d5227bb10a74c321d95298fc493dfd689851c48a79d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31952
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:13 GMT
expires: Thu, 05 Jan 2023 05:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 88 KB
22 KB 574ms
476ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1730214973276069&correlator=3844925512197493&eid=31071296%2C31068367%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=58316593%2CTop_728_90%2C%D0%91%D0%BE%D0%BA%D0%BE%D0%B2%D0%BE%D0%B9_240_40%2C%D0%9D%D0%B8%D0%B6%D0%BD%D0%B8%D0%B9_%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B0_300_600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=468x60%7C728x90%7C970x90%2C120x240%7C160x600%7C180x150%7C200x200%7C234x60%7C240x400%7C250x250%7C300x100%7C300x250%7C300x600%7C336x280%2C120x240%7C160x600%7C200x200%7C240x400%7C250x250%7C300x100%7C300x250%7C300x600%7C320x50%7C336x280&ifi=4&adks=3588908713%2C1823499187%2C1598683731&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1672896312465&lmt=1672896312&dlt=1672896311833&idt=609&adxs=1125%2C-9%2C-9&adys=108%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fbus.com.ua%2F&frm=20&vis=1&psz=474x6%7C0x-1%7C0x-1&msz=468x0%7C0x-1%7C0x-1&fws=0%2C2%2C2&ohw=0%2C0%2C0&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a00ce2551650a0da83e3eb96ddb810df84a54c1e07c959bc0382aa2582f278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22265
x-xss-protection: 0
google-lineitem-id: 77831313,-1,77313033
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 28809503313,-1,28044797913
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bus.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A56 6 KB
3 KB 212ms
47ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:12 GMT
expires: Fri, 05 Jan 2024 05:25:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated Show response
/ Frame 6ABE 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 127ms
38ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:29:08 GMT
x-content-type-options: nosniff
age: 6964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 03:29:08 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 126ms
39ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 23:32:33 GMT
x-content-type-options: nosniff
age: 21159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 23:32:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AE8B 6 KB
1 KB 124ms
46ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312092&bpp=13&bdt=259&idt=273&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=5078550836550&frm=20&pv=2&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=R5icPgvDJJ&p=http%3A//bus.com.ua&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:12:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:25:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AE8B 2 KB
845 B 127ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:06:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE8B 0
0 160ms
82ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHGNuOF-2Y-7IH9iNgQeezLfQCOyH6pVun4-6zuwQloLNhYgWEAEgpbmZBWCV4pCCoAegAfn349soyAEJqQIGYaAIlMqxPqgDAcgDywSqBNABT9ClXFpiI304gjPOdOG-iJaXDfelWMUrHlHzBlWqLjYPo9zCVgBMIj5vNRFpzZBKev1FgxUnP29Q9q_kQnPAPmpN5feThZkrHFuRc-cHr3pDKcCS2fyaeuUPRLFZTXUVDDfRVk_mmld_9cRtVdGa50pQSnQ-T0dbvRc9Hja4ko68h3MEiq33w1jlw5GcP-5mxr6rKB0umAOozpBruqmGkkhfo2b2RGqYBegr7zlmnzIyb-IKcf3zrY8j1ldZWksdDuTGzDjgi6lZ2EFhC_KuJ8AEhKKtjrkEkgUECAQYAZIFBAgFGASgBi6AB_mvtLsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0bkE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=oO0e4j0obEc&uach_m=[UACH]&cid=CAQSGwDq26N9U-nfMEtTqCWhBHWMoGds75yyNFD3ShgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312092&bpp=13&bdt=259&idt=273&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=5078550836550&frm=20&pv=2&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=R5icPgvDJJ&p=http%3A//bus.com.ua&dtd=303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:25:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/3592041618098137369/ Frame AE8B 29 KB
29 KB 120ms
48ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3592041618098137369/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9472aeae329b36551168b8c9b05d2734c3e9145deb99fe9239b56238c77e124c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 01:12:50 GMT
x-content-type-options: nosniff
age: 360743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29446
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 09:52:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 01:12:50 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9807910567074748725/ Frame AE8B 1 KB
1 KB 161ms
89ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9807910567074748725/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21ef1acb23e6d0a1b0f21476c5e28c642165bf010c426ac6bca1dfc3c14dc733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 13:48:48 GMT
x-content-type-options: nosniff
age: 401785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:22:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 13:48:48 GMT

GET
DATA 200
OK truncated
/ Frame AE8B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame AE8B 24 KB
10 KB 94ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:05:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AE8B 3 KB
1 KB 104ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AE8B 18 KB
7 KB 98ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE8B 154 KB
48 KB 129ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame AE8B 34 KB
14 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D38B 0
0 83ms
82ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8oRuW075JHHpqgaGuAeNFRcOQBbI8oX211YdxBIAgpC4eW_fKgU-CZ5Em0U42HT_8Q-0xmKWKvOQoPGOF3yT229Kp56la3oBT1uv3gA2Erx9ySyb8GcG99f7WkXM4A0ujOW97Iy1iSDPNq6Ne4RCW8GJsKrZZZ3IckRcVqbP783SNdvNCwnxOXr6Tn5_7q2MKPTVMdTJNlRKA9nAj4r4Jm_NEZhnCHdEkGn9h6aGmVHjNBDPWhdOnj1McRxFF7HEUWhxXC5aQbRonEMFiIg6KPYhllu3b4yG8xZrFlCczGwfTnmf4sdw&sai=AMfl-YRKibdU9-HgIhr7ABsNdRPwP7gXEb7c3RpIjrT04ySAvadMnJ52LnkEa3ylBi8Cuh-SB7RnrIsZpmYc79lCM3YfM6E5pXXe9cOJAb8QIq_8IRqu48IZCjC08JsXHvmQbVzmsuPeoV2ZIC3xj5zNvQ&sig=Cg0ArKJSzMeQrXTmFAOeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D38B 145 KB
52 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a157267b4b81190ddbf687205e370256a126887bf99759805e474bda1928f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:25:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52333
X-XSS-Protection: 0
Server: cafe
ETag: 9708891197696730750
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D38B 154 KB
47 KB 126ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
DATA 200
OK truncated
/ Frame AE8B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 638efd37413ad99c17f4f31f2912abaed35f397abf5e3cb170e25848e9dfcb51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1244 6 KB
672 B 120ms
45ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312118&bpp=21&bdt=285&idt=298&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=642ZyMe2nt&p=http%3A//bus.com.ua&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 05:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 1244 2 KB
765 B 217ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:06:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 1244 24 KB
9 KB 179ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:05:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 1244 3 KB
1 KB 212ms
77ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 1244 18 KB
7 KB 181ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1244 154 KB
47 KB 110ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 1244 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1244 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYU9EOF-2Y7jJH4uG-gaS0JroD-yH6pVurMOT56QQ6e7P_5g4EAEgpbmZBWCV4pCCoAegAfn349soyAEJqQIGYaAIlMqxPqgDAcgDywSqBM0BT9CT8GODGgln5uXfvbZ4zZDpbs38RuJuGHk-B_ui17isdmMEZ63gAnNTyjH3lwBMDhVBlnkFbDGKF-NHeswMl8PYyUsYvIqNA8OL3zrMGxspraERyXyY8w3fb1SjUtsUmCZENlz52NAAcno0O7TiOnvS2QluCQgD8_urlOkUcl3q6-byMSUIoyCWdj3QZbTFCQXlCp8bnMEwCnIuCsCNqnfa5-DA-YugneemRTiCGwvuoNNsZmrtS68V5h-2tkfUyj0Bufj6tYdN9Zx-ncAEq_uWm5gEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_mvtLsDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQr_QH0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQB0BUBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=2L37kRqqY0E&uach_m=[UACH]&cid=CAQSGwDq26N95hPdggxqJ8TxbMt5BTN7P7qzzVX1fBgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672896312&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672896312118&bpp=21&bdt=285&idt=298&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&pvsid=1730214973276069&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=642ZyMe2nt&p=http%3A//bus.com.ua&dtd=303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:25:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/15237443660615570355/ Frame 1244 27 KB
27 KB 148ms
55ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15237443660615570355/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1556dd88e13d25e043a59be443379af96c6dc8d504018bc7b3ed6e1c40f0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 20:51:20 GMT
x-content-type-options: nosniff
age: 290033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27700
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 09:52:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 20:51:20 GMT

GET
DATA 200
OK truncated
/ Frame 1244 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE8B 15 KB
16 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 490220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE8B 15 KB
16 KB 145ms
57ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 519344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 05:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE8B 15 KB
15 KB 166ms
80ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 464573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 20:22:20 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame B820 36 KB
16 KB 117ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame D38B 356 KB
117 KB 93ms
83ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4444598cfa5630b5517cee014ccfcd64ed1fbbf54eeb1aae805d32efb76b4918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120022
x-xss-protection: 0
server: cafe
etag: 524389112391169022
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 2CB8 10 KB
4 KB 51ms
48ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:28:54 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:28:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D38B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a90a75f1676a96e31ea7bc4e49d4639f15dfefe3c2286597b169e4d8f75ec2d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1244 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93650c2f8a92e02f34b79aa3492dd507f1852f9a6255ea8c40fa8c775f88a3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1244 15 KB
15 KB 132ms
58ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 490220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 13:14:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1244 15 KB
16 KB 117ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 519344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1244 15 KB
15 KB 144ms
71ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 464573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 20:22:20 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D38B 214 B
222 B 181ms
69ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bus.com.ua&callback=_gfp_s_&client=ca-pub-5671548447692744&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b2bf3e398ec298a36452e949aba05a120047f11634e7f2e3d23f365a5f608d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D38B 107 B
122 B 149ms
50ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D38B 107 B
122 B 144ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5070 97 KB
35 KB 430ms
427ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb8ed015c803a5fec7e06634ff294098b6ba2f15bd3e378538bd7be80bb292af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36136
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8366 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 5070 9 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H3 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame 5070 10 KB
4 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5070 8 KB
895 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5070 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:06:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 5070 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:05:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5070 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5070 18 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5070 0
0 131ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsCNp3Ndmh_tfkwlm01mhb20vfPluqDe3W3BMGiC-t6we6P0GlBmfwpgfyxQwyRBoQlMS6_Ts7bmLUTUoIuS-W7uYBHQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5070 154 KB
47 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 5070 34 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5070 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJn3BOV-2Y6D6H9qPtweto72AD8mpqaJuqI3cvNIQ2tkeEAEgpbmZBWCV4pCCoAegAZvw3KsCyAEBqQIGYaAIlMqxPqgDAcgDywSqBLkBT9DqYetjj8mOmBrPW0_2VbZ1wZGQT0ODCHduF1bnufmkfGSFlQz3MF6erHRfZorLDX4qh5cq9tUqCYlGOAxAH_FOW4c01AfNxtZJ_o9pdAWq8aw13zc6aMuCRWWDYd0n4Pa2bDpQ6PnRwOUzUs1OAc_-lsaKRaGK2IWlZr5y6uCWcqPNXgUvJeUupkp9NsBZOYJczsR7JfdzKjeWVQPuaFeJwxxeibk3jnnq3NsvG5AgYlXRPxe_lr_ABPbBpZ-VBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfNj6PUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPP8CdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=LFMrY12f9oc&uach_m=[UACH]&cid=CAQSOwDq26N9kTqgtYOC0NhzhzJZGDtqpQ4p7xT5lateXQF3GrqI8RZAN1sQU6dEmmfWqhFhH1vwZvuJUpEzGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:25:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27E3 143 B
166 B 40ms
38ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F19A 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5070 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3281cb2c40c8a7d437ceae48ab928671667f65a012da25eacb6c3c236a8e2334

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5070 28 KB
28 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 303657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jan 2024 17:04:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F19A 35 B
464 B 29ms
10ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGjVF1OtXw5MMzwtIRP3hZE&google_cver=1&google_push=AavPq0Mfqn6A5MvqcjHyJ0Y_wM1hxinvcPmZBdcDc_UYMYJSzwQbucPnb0vewFd7120XHKGSwxuD1yoWKyvdRNihrJvN7ABvwDc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F19A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0ZxWGRTbzUxUGRpS0M1&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9...

170 B
243 B

131ms
71ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0ZxWGRTbzUxUGRpS0M1&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9kjx5Yt0QJLGU50QjXVDLbO2l2LRC52Ne1ISTELibYiSMN78gYUYE8

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:25:13 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0202b4924c632485f@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0ZxWGRTbzUxUGRpS0M1&google_gid=CAESEMMxtqWapivdMyc8SQiNf-M&google_cver=1&google_push=AavPq0PGRcPPWKjwxQEcGTbyEgdS1l3iF4W-OXgS3bZrCz9kjx5Yt0QJLGU50QjXVDLbO2l2LRC52Ne1ISTELibYiSMN78gYUYE8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F19A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_push=AavPq0NoR1sZv8HSHMUvQj5OsqqsM5SG7YdiE1bOCifqs5bgwvzH_TXsh6...

170 B
188 B

166ms
70ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_push=AavPq0NoR1sZv8HSHMUvQj5OsqqsM5SG7YdiE1bOCifqs5bgwvzH_TXsh6qGplrkvFlRdUvAnu5GUMCiqk7ZFwW99-_0RjN6npU

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220026-HHN
pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672896314.144470,VS0,VE177
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_push=AavPq0NoR1sZv8HSHMUvQj5OsqqsM5SG7YdiE1bOCifqs5bgwvzH_TXsh6qGplrkvFlRdUvAnu5GUMCiqk7ZFwW99-_0RjN6npU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F19A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECb-FmIobw-Toa1Ac1gKz0Q&google_cver=1&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI-p15645OJ9qMI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7197F10B688D459196AD5CE78D9D68B5&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI...

170 B
232 B

132ms
72ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7197F10B688D459196AD5CE78D9D68B5&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI-p15645OJ9qMI

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 05:25:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7197F10B688D459196AD5CE78D9D68B5&google_push=AavPq0ME6MYqkdSJMYT6axCsGxurJschuj3O4DIIFdiqlP_IU3AkPkzJvDKsxwVsWQeU1rtWjKnoWWOXutvi_SI-p15645OJ9qMI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 04 Jan 2023 05:25:14 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F19A 43 B
351 B 116ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEL4AJFgv3a8VjAyKb5sisN0&google_cver=1&google_push=AavPq0PKn3ockI-ClaVLeACwVzho5G4FB07Z94kOCsgWy3z8PaR3s5w58c55Ru5DjUQ4h9tFLgCBcMsAwUTTi1VcNhtd-2j1ztoO
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&slotname=9530621126&adk=2610182331&adf=3173046727&pi=t.ma~as.9530621126&w=970&lmt=1672896313&format=970x90&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672896313249&bpp=4&bdt=188&idt=195&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&cookie=ID%3D67913d6c3c930b57%3AT%3D1672896312%3AS%3DALNI_MZbNqwslWVeHZxqIjxJCRjkJ0MMQA&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&correlator=5078550836550&frm=23&ife=4&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1825737391&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=623&ady=80&biw=1600&bih=1200&isw=970&ish=90&ifk=1149421840&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071199%2C31071250%2C44774606%2C44778613%2C44780792&oid=2&pvsid=1420830877611329&tmod=145802458&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.aeniv0gi89em&fsb=1&dtd=231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2edq6ccmlnm7kj0fnp7pa7vm8mu8t5gm

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F19A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELlW2mwasdJjF8oJONpo_gU&google_cver=1&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhN...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhNXox7VxgY8tZO_vXJ

170 B
232 B

151ms
71ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhNXox7VxgY8tZO_vXJ

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NLtDAhSCNYmPze1ziDHiFWalji22U8DodBzXVsNyRachqgcQN_7Urb0ZDWREhezVYNt2RAVQgEKvhNXox7VxgY8tZO_vXJ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame F19A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELlW2mwasdJjF8oJONpo_gU&google_cver=1&google_push=AavPq0PqufixHDVrTVEbqr1s6uMVEC-WLbiET1XYuhtV8niTyVY7sZS2gf1X33YlQQ0eXCBDOpAO3u9A73O...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PqufixHDVrTVEbqr1s6uMVEC-WLbiET1XYuhtV8niTyVY7sZS2gf1X33YlQQ0eXCBDOpAO3u9A73O66UsF8WLYynfgsNuocA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F19A 0
232 B 184ms
68ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkOJgvPCSqLKrqygcGoiCWPQaHURL5ulvZZG-2km0I6i4w4L1TjHNnfkWmE-4BiSlLtQrqGg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:14 GMT
expires: Thu, 05 Jan 2023 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE8B 42 B
64 B 155ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjigJSSR_RvQsi_ls4ebbEqPjAnVkbPj8NJ0KxFnOy_DYVjQm1isf9VS5m5b5n_BtlRjtIHmxHr32S-xWhczTzgbdaDFO-Tm0jfruyeiygdm7yaFrY29evCn0j4P_w_Sp-nFDfnQ&sai=AMfl-YTnQfZCcA3JVnLO0GYLknH-foWlIIa-80dPNz3FYXIqvRsl9SbFHagktEamp8LfYX8_38Mc_9cu1byljBg&sig=Cg0ArKJSzGd6hBKVVJyFEAE&cid=CAQSGwDq26N9U-nfMEtTqCWhBHWMoGds75yyNFD3ShgBIBM&id=lidar2&mcvt=1001&p=0,0,400,240&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3433066924&rs=2&la=0&cr=0&vs=4&r=v&rst=1672896312398&rpt=780&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D38B 0
0 188ms
81ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstslNeoZWlDO2na7SaiKKuiWbzih_1OYh6h0IlyaE9uNSaRRIlgeea3OCoQ7dHPCGh6UOi2YuHECA-ROEUwl80HLJ8Mlf98tGT4iAPDajBLHzVQD81EEHO8fc8XDQ6ibwMSIkzl2-kdnBA4AOKJg1E8ha9UH3EhtmBKA3qFi2716QpY4HuDI7afXhVUGXzdU9o3ptCL4qGbM9ZuCL_sXCRSMndAsVjacJFFoL8AIW7p77Q_nUJNHMgqUNd6YAAGqrSDpLBWAWXrkzAe77SBoBsG4i9-OA9GGJU2D4A5Lr4C_pHwAcoRuVooEQ&sai=AMfl-YQGNGiZazg_VoG2roRqOzVu0AcV80PF0lUhBhMhSOSjjuigEEjrOGU8klnyBMT6c_mWofp3QpPs1y5QpdBvzsgWIi8-sQwA83LwgdrakSD_w7jzGCvDg1HX5iUnl05rUtQMHuP41LMwdEBGFrb2Kw&sig=Cg0ArKJSzG-lrnK-bcP1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:25:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D38B 15 KB
11 KB 122ms
80ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04015bbd8d1c94a1f4df9059b22695f8f6f01f8866815439f839967fd78ac5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11217
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1885f282d22b1518dd1669c7bc02e5439b0005cdf239cd6ebeee72776035e088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49670
x-xss-protection: 0
server: cafe
etag: 4281518177959503787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:25:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 103ms
63ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65b11c124dc16fcd4f6f91a317309317007c6e2132f6383f6b1d9fd3a01a1817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9854 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3A9 121 KB
40 KB 552ms
552ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&adk=1812271804&adf=3025194257&lmt=1672896314&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&pra=7&wgl=1&dt=1672896314350&bpp=3&bdt=2517&idt=3&shv=r20230103&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D67913d6c3c930b57-222e8bc007db00dc%3AT%3D1672896312%3ART%3D1672896313%3AS%3DALNI_MZft_-QfG5oa_B20HKKca1n_RwTcg&gpic=UID%3D00000b9d5acb7b25%3AT%3D1672896312%3ART%3D1672896312%3AS%3DALNI_Mbm8drCItArfdaJP3RttJdo1odu0A&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726%2C6055777524&nras=1&correlator=5078550836550&frm=20&pv=1&ga_vid=1836246683.1672896312&ga_sid=1672896312&ga_hid=1184560748&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071276%2C44774606%2C44780792&oid=2&psts=ACgb8tv-aLVOreyYk_j_6qFPatrQFTv08LIAtnNzDXCq0H7GGUmT06Z4iVgPtnBl3j_oPdJTulPrGUB9vKvfy1uJ%2CACgb8tt4qD9ezROOiLmVNBoBn3Yy0_KwNBaMDPk7bTYmYt3M8G3UmANMSEODlnIuXnBzcVHOMcyuILeQuaTUWep2zQ&pvsid=1730214973276069&tmod=1611996638&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bec40bd626af368e7c8444d6b0a4cf2a0748299ccdf8dd2d1f79cc644b2c763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 40901
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D38B 17 KB
6 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9684 13 KB
5 KB 46ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:25:02 GMT
expires: Fri, 05 Jan 2024 04:25:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 449A 783 B
537 B 124ms
45ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd11fd1e91029c5a1ffcff03959807ed484edc07f5c1c0cab620268e19aa3edf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0T1VR-60GU9LHOXbAaWPSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-0T1VR-60GU9LHOXbAaWPSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:14 GMT
expires: Thu, 05 Jan 2023 05:25:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4075 13 KB
5 KB 41ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:25:02 GMT
expires: Fri, 05 Jan 2024 04:25:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CABA 783 B
533 B 117ms
55ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4992be96e16eaacfc342190fc228b3f6df719a0aedf1817da66925373c19c02e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oLhqntHh1NOSxYfbGaXaAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-oLhqntHh1NOSxYfbGaXaAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:25:14 GMT
expires: Thu, 05 Jan 2023 05:25:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9684 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4075 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1244 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDWjYblybHM9kb0uc8p3Fus5gznx6Jxfb-KrDEx64NJRMM5qr13FKNgoN2kHbH57AiOS36EutX68QR-FjGZELSFUy7RnzjDHa94bjZbVdL_cXpMxrstJ48fACBoWtpH1uL-HTOkg&sai=AMfl-YSO2bnB6ZJ7uhiAhXU8Hx9aMhwIiUOn1DlBjIDLylMhvcDNcGkbAG7mooi5IasAfvCV0uUtuTTLF-TcDI0&sig=Cg0ArKJSzAAaWBM-J43LEAE&cid=CAQSGwDq26N95hPdggxqJ8TxbMt5BTN7P7qzzVX1fBgBIBM&id=lidar2&mcvt=1026&p=0,0,280,336&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=830138826&rs=2&la=0&cr=0&vs=4&r=v&rst=1672896312422&rpt=1167&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 449A 0
0 69ms
68ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1730214973276069&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CABA 0
0 69ms
69ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1420830877611329&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9684 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SQgNRw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4075 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r0UH2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8263e8aedb824ccec2623a735ff9637102d60d55c553098a7f525e8f9b3be5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52382
x-xss-protection: 0
server: cafe
etag: 14040634290033047739
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:25:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame E429 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:02:02 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame E429 9 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H3 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame E429 10 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E429 8 KB
895 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:57:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:25:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E429 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:06:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame E429 24 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:05:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E429 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame E429 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E429 0
0 45ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx_RGB9wJOjLgH3JsgomwIo37p6ncJzrjCwXbMDpYC92bHOUeozqFMTHFUdAoqoEb3Yd3uoSeiXuHB4jPDBxPmaxI_UQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E429 154 KB
47 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:25:15 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame E429 34 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E429 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDN4mOl-2Y5XTF5HygAe8hKn4CYyKlddr9qvk1qsQwNHbu4wCEAEgpbmZBWCV4pCCoAegAaXD360CyAEBqQIGYaAIlMqxPqgDAcgDywSqBM4BT9AucsRalBVwYRyxg5Z3jHhFQJ61YKpiKsoNYVjolhx8pgp-3iCJDsIZfd42vRUeFtKuDxkCOfE_lJcGG8rbMzHJ1gUhy_iCTeQuENHyT-KjwxZL2LKvMYtuwylpLqO0MfI3a8TXXmLH9lSHPz6t83x4uRQ-4_tlLk9XIIgpTTRQ8yMITVnwJ3v9Xus5OIRkJS8EPi7tLZhsMsCaVcltpckyIgBETOMoUBoCFLn5MBUF2Ayc_UdCwnwE-VBWV9lYziZN-ZF_hrLshLl1IQzABI6y2rDvApIFBAgEGAGSBQQIBRgEgAfDvKDSAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELm6EdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=EDAK3idqMhE&uach_m=[UACH]&cid=CAQSOwDq26N99CMCA2z0zXTc-Cr6TaFbHG0zfmKAcr1l7Q1SQG6J_YAQRpWUsLvn3AkGxZ_3Ndw_tEocQhgkGAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8AB9 1 KB
643 B 35ms
35ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E429 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a740b2bfe9995c769e7d2d9310d5be7b43614c4b7155970aebdc5703829f5c87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTdaZk9nQUFBamM4a1FBbw==&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0OUxeUkCnqUv6veawYtmWUKR1UVV-...

170 B
188 B

76ms
76ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTdaZk9nQUFBamM4a1FBbw==&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0OUxeUkCnqUv6veawYtmWUKR1UVV-_7FM5dYD607vKVyN74LeI6cdqe8frgAlBjiGVuOBCM4YCannAN88EtyiTK7U5CjXjsqSqC

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220026-HHN
pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672896315.198112,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTdaZk9nQUFBamM4a1FBbw==&google_gid=CAESEHW_FhPPrp5h1Z9Ld6dtUac&google_cver=1&google_push=AavPq0OUxeUkCnqUv6veawYtmWUKR1UVV-_7FM5dYD607vKVyN74LeI6cdqe8frgAlBjiGVuOBCM4YCannAN88EtyiTK7U5CjXjsqSqC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEANP_tLszmQLnB1DFbeYDBo&google_cver=1&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I6-lFU3rTNKs4lm8vk7dow2&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF8EhEw4xe53-xmIH-

170 B
188 B

70ms
70ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I6-lFU3rTNKs4lm8vk7dow2&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF8EhEw4xe53-xmIH-

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 05:25:15 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I6-lFU3rTNKs4lm8vk7dow2&google_push=AavPq0Mu0LX-wAt2LX_4Ditj99h9UftyuYIC4DsAIuDnOKvf2xASMzrDu2aFgN1G-ut5IDUYy_KTzSmFvOE32pSF8EhEw4xe53-xmIH-
x-host: tde-deliveryengine-production-769c9db745-qj8jq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xKnb8LLZQKu6_QXU2kVtIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

72ms
71ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xKnb8LLZQKu6_QXU2kVtIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PFnPAMjKCSFqNOguENukyKUkasyZQo2Eso0EELXfdzrEP8TjXPihKDx7rhHbLyJcPSiajWbrsXKCw9uKQ44Kyng6dXCWTVJqLI

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xKnb8LLZQKu6_QXU2kVtIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0PFnPAMjKCSFqNOguENukyKUkasyZQo2Eso0EELXfdzrEP8TjXPihKDx7rhHbLyJcPSiajWbrsXKCw9uKQ44Kyng6dXCWTVJqLI
date: Thu, 05 Jan 2023 05:25:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqKK3K-sLE3HoEiBqEm1Rw&google_cver=1&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0B...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlVMVctMUktSDNTTg==&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0BUpl3sQYBIjYp2vv-mG4LzuM1eMRA

170 B
188 B

70ms
70ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlVMVctMUktSDNTTg==&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0BUpl3sQYBIjYp2vv-mG4LzuM1eMRA

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTjlVMVctMUktSDNTTg==&google_push=AavPq0Pxzhna0UHH1yVvylXyeE75IaeX8fxP_Xv0eT7_3jeJAyDBdPt11mkm7AM9h1DQrqkYn0BUpl3sQYBIjYp2vv-mG4LzuM1eMRA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFyJQF8-Lei-H4fJpxOaHWM&google_cver=1&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NjIyOTE2MjcxMzA1MDE2ODUyMg%3D%3D&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6a...

170 B
188 B

70ms
70ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NjIyOTE2MjcxMzA1MDE2ODUyMg%3D%3D&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-djdk0

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NjIyOTE2MjcxMzA1MDE2ODUyMg%3D%3D&google_push=AavPq0MYgoA-5GFsM5sETycBsRd1FDadsRJkGF9nZXRnb6nHRQh5Ap6aa3V4F9fxGW6julil4dpdCETZLCm4t_19cIIcd-iHWl-djdk0
date: Thu, 05 Jan 2023 05:25:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELvPRUoxlI3f4pNZ7tHbDxE&google_cver=1&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZ...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELvPRUoxlI3f4pNZ7tHbDxE&google_cver=1&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZ...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03ZVFLQ3FSRTJ1RzNBWnhwSmlTTTRZMmF1SlBjR3lSM35B&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJE...

170 B
188 B

73ms
70ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03ZVFLQ3FSRTJ1RzNBWnhwSmlTTTRZMmF1SlBjR3lSM35B&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZs96T5DrZXv6i_Mm7CRZvDu9zXr24ay

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03ZVFLQ3FSRTJ1RzNBWnhwSmlTTTRZMmF1SlBjR3lSM35B&google_push=AavPq0Nj0W_D2twyefvExDqif40UUf1_2vCU_T_4DL3L5ONdzf6qh4VJEW4d07I9QWxPgSzuCZs96T5DrZXv6i_Mm7CRZvDu9zXr24ay
date: Thu, 05 Jan 2023 05:25:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 2
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECSkC2ZEG...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECS...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7a8787-8219-45e1-a1da-441d91216bbb&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

71ms
71ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7a8787-8219-45e1-a1da-441d91216bbb&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7a8787-8219-45e1-a1da-441d91216bbb&%%GOOGLE_PUSH_PAIR%%
date: Thu, 05 Jan 2023 05:25:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8AB9 0
12 B 69ms
68ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtKgXWuc1BEF7srilb1Agla8RJaSJg5Z8NXo8zdVw5w0Yo73PBqKOoD4SjTihX3j-1BzeyIh0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:25:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BF5 36 KB
16 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5070 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4Ate0sdLI7exovEdOyoVjDOsDaIVcq65OllylwZUFRZfuXMUiwoVcJSWV4Amt-KIPdgSY_ef62YEpGjDGxqiH2cYKRUCK8Q8A0oOQ-J7rKtqTl8g4_APYVhkWzTYYUdx3zOaUkDXSBNuJnUw_nZEwQmon8N_5M8SL&sai=AMfl-YRfziAUHZqD7MGZFeRObhj1e-D-7aI27s04FMDwrR4bqn6Hr6pMLViFb566Kx6WZOGt7jsFxoH33-hJO59uFhnmTujBa0LzkyUizVc9y_kyXXaNaxLCj3RxJ8TAbQ&sig=Cg0ArKJSzPqKH7EGkcRAEAE&cid=CAQSOwDq26N9kTqgtYOC0NhzhzJZGDtqpQ4p7xT5lateXQF3GrqI8RZAN1sQU6dEmmfWqhFhH1vwZvuJUpEzGAEgEw&id=lidar2&mcvt=1002&p=0,0,90,970&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2610182331&rs=2&la=0&cr=0&vs=4&r=v&rst=1672896313484&rpt=736&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D38B 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9JTS4wLOdjrW2V34CxvWlUVknEu-z_N43Zs9_J5oHitJjoYDXIkF4Z7yRJ-YUIoAyGv6chs5GRg2KB1XhzH-GoVesQ0vR-EMSq9ftpujXqQmYlYTK&sig=Cg0ArKJSzMYtTBYHk0A0EAE&id=lidar2&mcvt=1004&p=80,623,170,1593&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230104&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3588908713&rs=4&la=0&cr=0&vs=4&r=v&rst=1672896313061&rpt=1162&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1730214973276069&bg=!ysmlyY3NAAYDMoyoIzI7ACkAdvg8Wo9Ss8CXw_cpOctHEjbARYOiRhzXdIojShsdU8AT2WV9itELLQIAAACeUgAAAAJoAQcKAC9x3mPtla6PhkUH7yMYJNQkaKjfBL3HXzElKBcP02nPBDPGrQbP8edoCrs4l3GceZkCpm_GpccDUjOjy3REQBLFxUGRzmqUB0TM9Z50Uw0lukv1-fcXrFiyBzu1Q5oTrBMhrfH06CdSWKmlgZ-IFpAiWv3LdbET6eYDsVoi1Kb_1s2BbUNDM6lQajFludCcp4VjZgQT2Ofn4BAMrnMreDGyWdSVxvSfxIDJAdfd6ozdN5H4RNdH2e9GWBCzj_wLcJncesOCgY__FtVMYOySw9S6f55AclY_1QOBNa_KIPif1OVkT3I5skqpFgT84GgFP1CrdqBwKOTZ8xPP2j2Jfgx7aPFviuawISF-q6k_HAEoi-uDywzk8StouziTCdz0OampwK-ogJtxlMGbxuRbCP5D9JSx7Ch61nEbfskCwD0B6XzDuClBu5EpiPGxzsNSTjP8EJyYG1zITDB6D0uDwxmtg2ifcFe21AuS8yRGGMfITZ-tW8sui-uDIHTkMkjJz6iTA4_Qg3ciYRfu8hd6rcQcDPbesaS1oIkj6O9bGydjkA_HE9ZUCrzw4rXxv6A63gAPHyZVUoGeCKTfSV60Q1goDoazIBr_yduhIg-y6X4WC3VKvnMohpeFxARE8xVYN2xhB6zcojCALhnLaoX_eBy1Ig1Cch_ykdC94jTEVS1UKuxNvuR4ONRPL07ScTNoLq0rzXFPGvdvIPrE5LEM8K7m_AtlgeJ-418C3ZHTrGZs-HAWoZvQNCeJh7IB4BJ5SfgyK_9aCWiyIZ9Rf9HXet_NcpoCYPc7b9Xh77nc7XYkUCPIZyH98B1t24Xt6jrjV36srgwc4RItcmSZqmjVbtQuQKlrvm8S-Gfl0zBv_s1Fih6JXEOHqdCtLEbkaG6YBvksW0JRPTm70lZUin4-g1rGz2LzMITIzPSMOx--q67W5XN7AHuKLS3eRTJbIu9oF2pD1vUXC27afQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D38B 0
0 72ms
72ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1420830877611329&bg=!rK-lr-vNAAYDMoyoIzI7ACkAdvg8Wh-EyRTamVGJkpsbzV3E8P6S4wEOtEVCt5WyRvIBnhvWh2BMwwIAAACRUgAAAANoAQeZAq3amc7Np3XffZ0ur-udYHiDzVddbPGJm64wDimjM9Ets4MTgD_VrU7OQaFAjNuLJ2AK7SZ_FmxFUKp-OVWgM6FH9nlrv44lrXZd9dftAZLCf5oo6VfdG42eefbMpsFG_dFVbeJ2CwNuah-hpfEbCc579ZHOgFJJ9C2PRpZ3IvCU-0hpOMvl3t_sAGgf_dNpjLbfFG5ZJPwvwn6NJhm2omF8z_eujTfwMn3mXuZc-3gQFfTZyNktBAM75oRBMNkVfV5NiXta9zDgyRV9hwc-15YvWjmFzIIQJoL-3FWlaHFZFkMVFps7QJVbitwTCAbqilJFjg2BLfJtUwpus3lNMU44v_N8CqX_TpT9X5dTf_-2QdRFN-wtzxuSTumUNtqS7B7g0zHRitRKKsP7azU6bUMGw83DblN5CdhWqy26CNrYgoWdcHBV6fVoxjrC8RFtyjdhDjRhpFAFewN-23NqhGDAXKcM5IYSrzLwMEzOB06dPU_FQvrRmQyWqwnUxzOsLqbrPxWIekceWTjn4xdnaKHdkYSfr1_DJDd-mvP0N-6IJFUN2ifbqUarql8Xgn3xelxTH0DMahmJ0Q8V7AyR9r4sZnztcEF8lwwe_soXZAmXsMN5l1UYlFZSFMjym33x6bPckgEVD19mGW3fkFvPQJzkO6Xkz9GGAMsNFxo7F0MwmxoLIySv6PzHX4RVPPTM69ltN0mQDQybgwmNUFrsKnJ4NYdY21MxR9QM9nHrT-39qumWQfXKOu3HGLmXOIwJ3r3oL_RDFKznMmoMRf4GasND9G9GON0Uh-FAAh5aUyvujLXRR48yRjPtmD_dFzTiRbg6rF6as-XHth6u-l_rXmXq6Ub9fGoKGc8jdALB7NVVRxVB3WDb0XuYb_goAWjSivv74XSZJi_73jpddw_l
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E429 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEwhb4REbv7BFa6i91vEx7tBHrgEN6FUTIsv-kqsVvfdO-XJ9YcTBEvdnzKPIGCFLX3zDX_MIcOZ-j1p7tNWkuBVdEUS4zhtLDhpqhZbsZnbmuggvgK0UbQthj5aqIpagdAW2TAA&sai=AMfl-YTDf3LEULkeH9RCszfRXWKRb4SVkgrwD80aUzp0f6bVKmSl0del4XhO8Umf03ZBbCs_a1980jX5ndta5PSyOQhhaSW6KkcU8-j_CjawO_fp4FA-8gCsr_mKTRc4Pw&sig=Cg0ArKJSzE4e807BJcqTEAE&cid=CAQSOwDq26N99CMCA2z0zXTc-Cr6TaFbHG0zfmKAcr1l7Q1SQG6J_YAQRpWUsLvn3AkGxZ_3Ndw_tEocQhgkGAEgEw&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=83,767,1001,1117,1228&tos=83,684,234,116,111&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1672896315034&rpt=168&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:25:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bus.com.ua
URL: http://bus.com.ua/main/bus.css

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bus.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.bus.com.ua/	1970-01-20 18:17:36	Name: __utma Value: 150504101.1836246683.1672896312.1672896312.1672896312.1
.bus.com.ua/	1969-12-31 23:59:59	Name: __utmc Value: 150504101
.bus.com.ua/	1970-01-20 13:04:24	Name: __utmz Value: 150504101.1672896312.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.bus.com.ua/	1970-01-20 08:41:36	Name: __utmt Value: 1
.bus.com.ua/	1970-01-20 08:41:38	Name: __utmb Value: 150504101.1.10.1672896312
bus.com.ua/	1969-12-31 23:59:59	Name: googtrans Value: /auto/uk
.bus.com.ua/	1969-12-31 23:59:59	Name: googtrans Value: /auto/uk
.bus.com.ua/	1970-01-20 18:03:12	Name: __gpi Value: UID=00000b9d5acb7b25:T=1672896312:RT=1672896312:S=ALNI_Mbm8drCItArfdaJP3RttJdo1odu0A
.doubleclick.net/	1970-01-20 18:03:12	Name: IDE Value: AHWqTUlJWyfkKFfxfcxAOdUeK0z7qHTdqqA7r2UKYGyptlpaOT_s72Vh2iwdAZBMvWA
.bus.com.ua/	1970-01-20 18:03:12	Name: __gads Value: ID=67913d6c3c930b57-222e8bc007db00dc:T=1672896312:RT=1672896313:S=ALNI_MZft_-QfG5oa_B20HKKca1n_RwTcg
.quantserve.com/	1970-01-20 10:51:12	Name: d Value: EEIBCQH9J4EA
.quantserve.com/	1970-01-20 18:11:50	Name: mc Value: 63b65f3a-1d71b-ec795-6a037
.w55c.net/	1970-01-20 18:11:50	Name: wfivefivec Value: gFqXdSo51PdiKC5
.simpli.fi/	1970-01-20 17:28:38	Name: suid Value: 7197F10B688D459196AD5CE78D9D68B5
.w55c.net/	1970-01-20 09:24:48	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 08:41:39	Name: DSID Value: NO_DATA
.everesttech.net/	1970-01-20 17:27:12	Name: everest_g_v2 Value: g_surferid~Y7ZfOgAAAjc8kQAo
.3lift.com/	1970-01-20 10:51:12	Name: tluid Value: 4646229162713050168522
.bidswitch.net/	1970-01-20 17:27:12	Name: tuuid Value: 5f7a8787-8219-45e1-a1da-441d91216bbb
.bidswitch.net/	1970-01-20 17:27:12	Name: c Value: 1672896315
.bidswitch.net/	1970-01-20 17:27:12	Name: tuuid_lu Value: 1672896315
.pubmatic.com/	1970-01-20 08:43:02	Name: KTPCACOOKIE Value: YES
.travelaudience.com/	1970-01-20 18:11:50	Name: _tracker Value: %7B%22UUID%22%3A%2223AFA515-4DEB-4CD2-ACE2-59BCBE4EDDA3%22%7D
.pubmatic.com/	1970-01-20 17:27:12	Name: KADUSERCOOKIE Value: C4A9DBF0-B2D9-40AB-BAFD-05D4DA456D21
.yahoo.com/	1970-01-20 17:27:33	Name: A3 Value: d=AQABBDtftmMCEJXTdwoaH7cK0_oyCcjn1ToFEgEBAQGwt2PAYwAAAAAA_eMAAA&S=AQAAAmxGgL_hAYIDchf5DHxM5Vw
.analytics.yahoo.com/	1970-01-20 17:27:12	Name: IDSYNC Value: 18yx~298t

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://bus.com.ua/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://bus.com.ua/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1(Line 4) Message: Mixed Content: The page at 'https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1' was loaded over HTTPS, but requested an insecure stylesheet 'http://bus.com.ua/main/bus.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1(Line 11) Message: Mixed Content: The page at 'https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://ticket.bus.com.ua/order/forming_bn'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
bus.com.ua
c.bigmir.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
e6c296053f84545b773fe722c23b4597.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.bigmir.net
image6.pubmatic.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
rtb.openx.net
secondary.net.ua
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
ticket.bus.com.ua
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
bus.com.ua
13.248.245.213
151.101.194.49
172.217.19.98
185.64.189.115
193.201.116.4
193.239.68.97
193.239.71.100
193.243.159.4
193.243.159.5
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9c
2a00:1450:400d:803::2002
2a00:1450:400d:804::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80e::2002
2a04:4e42:200::485
3.126.34.117
3.126.56.137
35.190.0.66
35.204.74.118
35.227.252.103
51.75.86.98
52.29.52.153
69.173.144.165
0129f2609dce9cc375972acd7328216add961d31b58da45a7b2ca3eb40807acc
023d5202ffe1e85673f6a55dc1e46c2bb38e5c4615c7ee792fde302510b21101
04015bbd8d1c94a1f4df9059b22695f8f6f01f8866815439f839967fd78ac5ee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
109fd47c58f7b0aa694da65dee308ded227b25bb0c2f9c6cb89ffcec5b46fa8b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13c281d9ffb2d4bc9d8635c0f5f295af6012ee5b0a36e0f216a144e5892c74d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1885f282d22b1518dd1669c7bc02e5439b0005cdf239cd6ebeee72776035e088
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
21ef1acb23e6d0a1b0f21476c5e28c642165bf010c426ac6bca1dfc3c14dc733
22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc
25a00ce2551650a0da83e3eb96ddb810df84a54c1e07c959bc0382aa2582f278
270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
304bbe88cecfacc67fcc84cf73e130587f778aede543a287721cef37b60eb9c1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3281cb2c40c8a7d437ceae48ab928671667f65a012da25eacb6c3c236a8e2334
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
4444598cfa5630b5517cee014ccfcd64ed1fbbf54eeb1aae805d32efb76b4918
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4992be96e16eaacfc342190fc228b3f6df719a0aedf1817da66925373c19c02e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f60c36a88cb05ebcd96a558d79ad4419a86e4f2d13313ab14b36d87ac5b0432
551f7e3e145d2ebf5efad15ebb94537c40533767200e2e0d0608a605f7112ab7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dc1c8f6e8b26c2cb6506fd038d01dd9a8ad08e6cd3dc5230679adb3200ffaf
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5c1556dd88e13d25e043a59be443379af96c6dc8d504018bc7b3ed6e1c40f0b5
60b6b0f5a43fb6d949fb053bdefea00cd621e03d31299e86e35b82119bfe855d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628b1ff2d763eb9fb6d81ad38545bc3164f63e9cc096117d6bbc606e8eacfe15
638efd37413ad99c17f4f31f2912abaed35f397abf5e3cb170e25848e9dfcb51
65b11c124dc16fcd4f6f91a317309317007c6e2132f6383f6b1d9fd3a01a1817
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
737fa2060bec5738e224e6697a1a6875e5308b7a9224d63b74e27453d9141843
73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628
73f9ed5e274177267ee4a491c608b7b52a4ca9e867c35400053cc8f8cbaff386
74ffdc446645a1bb680238877a898e86c51f42ce06b82caa207884e682ccddf2
758ef9d3380afc249880e748021a7e0498df092748ca875086a44d9d8662f379
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7afa3d982e22e63528bd24faeb45ac4884bd0efd282d6bbcc43bd0793c6ddb9c
81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f
8263e8aedb824ccec2623a735ff9637102d60d55c553098a7f525e8f9b3be5da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869a52816f64d3b93295748b7508b4a340a254133e91b7a567bf591780eb94e2
8a157267b4b81190ddbf687205e370256a126887bf99759805e474bda1928f0a
8bec40bd626af368e7c8444d6b0a4cf2a0748299ccdf8dd2d1f79cc644b2c763
8c7cbc7d274513a2d809ae402522b626e2a9ed6f54ff39561ea57ac36a6a62e6
8febbb773317577fbc7318af538d7e16d901bbd3c65bf40f71de49b788fd9705
93650c2f8a92e02f34b79aa3492dd507f1852f9a6255ea8c40fa8c775f88a3cd
9472aeae329b36551168b8c9b05d2734c3e9145deb99fe9239b56238c77e124c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ef753eb2207fbfb03036e589d45b8ca4084f671b0aa4b8d3184194ea546d09a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a740b2bfe9995c769e7d2d9310d5be7b43614c4b7155970aebdc5703829f5c87
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90a75f1676a96e31ea7bc4e49d4639f15dfefe3c2286597b169e4d8f75ec2d0
aaef4bd6874180c5867c14dcbe4a06c48dcbd75cac41c0158165a69a50984699
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
b82361ffd461d66d1ed6af06af0742f2e1d9f33273ddf3572da009f0c9f6ffea
bb8ed015c803a5fec7e06634ff294098b6ba2f15bd3e378538bd7be80bb292af
bd11fd1e91029c5a1ffcff03959807ed484edc07f5c1c0cab620268e19aa3edf
bd8f6d27d87d87e58d22e0d9d740af373ed8d922aba9616e834b5a55bd763440
bf2d21352d39531cbe6fcfdf7c79d1ab36a1f580c46cc9d436de0dc4bea7e9f2
c09f1eba4042eabe754624d431fde12951731db71a048d8980d9fa0906799764
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d798606947676c72d132d0c9cb7bb365fa28bb471bfddf57c710ad6e098a3a20
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2979c717416f8e4a38d5227bb10a74c321d95298fc493dfd689851c48a79d89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b2bf3e398ec298a36452e949aba05a120047f11634e7f2e3d23f365a5f608d
e99a6f0f8e700a9d1d45f7fd8e731f2899ffb5778bc8ab833eb7b629b14572ff
eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f594be4989691157e32afa97129bad288200a19864c15ffa24d3abd5784f80e8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

bus.com.ua Open in urlscan Pro 193.243.159.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

74 %HTTPS

53 %IPv6

25 Domains

36 Subdomains

29 IPs

8 Countries

1783 kBTransfer

4358 kBSize

27 Cookies

15 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bus.com.ua Open in urlscan Pro
193.243.159.4 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

36
Subdomains

29
IPs

8
Countries

1783 kB
Transfer

4358 kB
Size

27
Cookies

158 HTTP transactions
8 data transactions