window.unian.net Open in urlscan Pro
104.26.10.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://window.unian.net/
Submission Tags: @phishunt_io
Submission: On September 28 via api (September 28th 2021, 9:37:03 pm UTC) from DE — Scanned from DE

Summary HTTP 164 Redirects Links 125 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 30 domains to perform 164 HTTP transactions. The main IP is 104.26.10.30, located in United States and belongs to CLOUDFLARENET, US. The main domain is window.unian.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2021. Valid for: a year.

This is the only time window.unian.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	104.26.10.30 104.26.10.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.137.240.100 195.137.240.100	29389 (ASN-UNIAN) (ASN-UNIAN)
4	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
5	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
4	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
2	172.67.198.123 172.67.198.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
6	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
6	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
5	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	185.239.173.66 185.239.173.66	55081 (24SHELLS) (24SHELLS)
2	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.162.21 213.19.162.21	3356 (LEVEL3) (LEVEL3)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1 1	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
1 2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
10	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
2	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
7	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
4	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
164	41

46 104.26.10.30 (United States)

ASN13335 (CLOUDFLARENET, US)

window.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
photo.unian.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.137.240.100 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

push.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.198.123 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.122.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

sync.medidexs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.239.173.66 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.21 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.213 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f97.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	unian.net window.unian.net images.unian.net www.unian.net photo.unian.net	1 MB
21	googlesyndication.com pagead2.googlesyndication.com 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com tpc.googlesyndication.com	82 KB
18	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	479 KB
12	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	171 KB
11	adtelligent.com 1 redirects ghb.adtelligent.com player.adtelligent.com ghb1.adtelligent.com sync.adtelligent.com	18 KB
9	google.com analytics.google.com www.google.com adservice.google.com	2 KB
7	google.de www.google.de adservice.google.de	2 KB
5	google-analytics.com www.google-analytics.com	20 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl ls.hit.gemius.pl	15 KB
4	facebook.net connect.facebook.net	247 KB
4	googletagmanager.com www.googletagmanager.com	226 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	facebook.com www.facebook.com	531 B
2	e-planning.net 1 redirects ads.us.e-planning.net	925 B
2	criteo.com gum.criteo.com	623 B
2	adtcdn.com player.adtcdn.com	136 KB
1	googleapis.com fonts.googleapis.com	1017 B
1	hybrid.ai dm.hybrid.ai	238 B
1	trafmag.com t.trafmag.com	232 B
1	loopme.me 1 redirects csync.loopme.me	209 B
1	betweendigital.com ads.betweendigital.com	912 B
1	creativecdn.com prebid-eu.creativecdn.com	178 B
1	a-mo.net prebid.a-mo.net	171 B
1	adnxs.com ib.adnxs.com	698 B
1	openx.net adtelligent-d.openx.net	561 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	medidexs.com sync.medidexs.com	21 KB
1	unpkg.com unpkg.com	2 KB
1	1plus1.ua push.1plus1.ua	34 KB
0	admixer.net Failed inv-nets.admixer.net Failed
164	30

	Domain	Requested by
20	window.unian.net	window.unian.net
14	images.unian.net	window.unian.net
11	www.unian.net	window.unian.net
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	window.unian.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	encrypted-tbn3.gstatic.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
6	ghb.adtelligent.com	player.adtcdn.com
6	www.google.de	window.unian.net
6	securepubads.g.doubleclick.net	window.unian.net securepubads.g.doubleclick.net
6	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
5	www.google.com	window.unian.net 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com tpc.googlesyndication.com
5	www.google-analytics.com	window.unian.net www.google-analytics.com
4	encrypted-tbn0.gstatic.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
4	connect.facebook.net	window.unian.net connect.facebook.net
4	gaua.hit.gemius.pl	1 redirects window.unian.net gaua.hit.gemius.pl
4	www.googletagmanager.com	window.unian.net www.googletagmanager.com
3	encrypted-tbn2.gstatic.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
3	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	analytics.google.com	www.googletagmanager.com
3	www.facebook.com	window.unian.net
2	www.gstatic.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
2	sync.adtelligent.com	1 redirects player.adtcdn.com
2	ads.us.e-planning.net	1 redirects
2	gum.criteo.com	player.adtcdn.com
2	player.adtelligent.com	player.adtcdn.com
2	player.adtcdn.com	window.unian.net
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
1	fonts.googleapis.com	166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	dm.hybrid.ai
1	t.trafmag.com
1	csync.loopme.me	1 redirects
1	ghb1.adtelligent.com	player.adtcdn.com
1	ads.betweendigital.com	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	prebid.a-mo.net	player.adtcdn.com
1	ib.adnxs.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	fastlane.rubiconproject.com	player.adtcdn.com
1	sync.medidexs.com	player.adtcdn.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	photo.unian.net	window.unian.net
1	unpkg.com	www.googletagmanager.com
1	push.1plus1.ua	window.unian.net
0	inv-nets.admixer.net Failed	player.adtcdn.com
164	48

This site contains links to these domains. Also see Links.

Domain
www.unian.net
photo.unian.net
window.unian.ua
covid.unian.net
sport.unian.net
health.unian.net
www.unian.ua
rss.unian.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-05` - `2022-05-04`	a year	crt.sh
1plus1.ua R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sync.medidexs.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ads.us.e-planning.net R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-13` - `2021-11-11`	3 months	crt.sh
sync.adtelligent.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://window.unian.net/
Frame ID: 86D1119C7B230781A40B68ED9F845539
Requests: 120 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 26CD6AFF14810E2D937B5E3851982ACE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D2B46F3E6104CF5AA561AC80B0733911
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ae7c8e5f-1f46-46f4-b688-500534fde53b
Frame ID: 5C3E20ECD9082E65FB133493838E50A8
Requests: 1 HTTP requests in this frame

Frame: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EACBF8F89F05CCD482319E2964746CE4
Requests: 1 HTTP requests in this frame

Frame: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA701E0EC2E025B777D939AF1D27F050
Requests: 19 HTTP requests in this frame

Frame: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 514FB49C870517F25F420E54FABCAD97
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5A75ED47C83F8152ED0271FEA137C604
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E534594767A7A38F15056469A95D4F08
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Окно - Украинское независимое информационное агентство УНИАН

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

164
Requests

99 %
HTTPS

0 %
IPv6

30
Domains

48
Subdomains

41
IPs

7
Countries

2617 kB
Transfer

5656 kB
Size

34
Cookies

125 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unian.net/static/start
Title: Сделать стартовой

Search URL Search Domain Scan URL

URL: https://www.unian.net/pogoda/
Title: Подробнее

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/advertising/advert
Title: Реклама на сайте

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/press/about
Title: Пресс-центр

Search URL Search Domain Scan URL

URL: https://photo.unian.net/
Title: Фотобанк

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/monitoring/about
Title: Мониторинг СМИ

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/subscription/products
Title: Подписка на новости

Search URL Search Domain Scan URL

URL: https://window.unian.ua/
Title: Укр

Search URL Search Domain Scan URL

URL: https://www.unian.net/
Title: Информационное агентство

Search URL Search Domain Scan URL

URL: https://covid.unian.net/
Title: Коронавирус

Search URL Search Domain Scan URL

URL: https://www.unian.net/pogoda
Title: Погода

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics
Title: Политика

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics
Title: Экономика

Search URL Search Domain Scan URL

URL: https://www.unian.net/war
Title: Война

Search URL Search Domain Scan URL

URL: https://www.unian.net/ecology
Title: Экология

Search URL Search Domain Scan URL

URL: https://www.unian.net/insurance
Title: Страхование

Search URL Search Domain Scan URL

URL: https://www.unian.net/nezalezhnist30
Title: Независимость-30

Search URL Search Domain Scan URL

URL: https://www.unian.net/kyiv
Title: Киев

Search URL Search Domain Scan URL

URL: https://www.unian.net/lvov
Title: Львов

Search URL Search Domain Scan URL

URL: https://www.unian.net/dnepropetrovsk
Title: Днепр

Search URL Search Domain Scan URL

URL: https://www.unian.net/kharkiv
Title: Харьков

Search URL Search Domain Scan URL

URL: https://www.unian.net/odessa
Title: Одесса

Search URL Search Domain Scan URL

URL: https://www.unian.net/society
Title: Общество

Search URL Search Domain Scan URL

URL: https://sport.unian.net/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.unian.net/world
Title: Мир

Search URL Search Domain Scan URL

URL: https://www.unian.net/science
Title: Наука и IT

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite
Title: Лайт

Search URL Search Domain Scan URL

URL: https://www.unian.net/games
Title: Игры

Search URL Search Domain Scan URL

URL: https://www.unian.net/incidents
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://health.unian.net/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://www.unian.net/tourism
Title: Туризм

Search URL Search Domain Scan URL

URL: https://www.unian.net/curiosities
Title: Курьезы

Search URL Search Domain Scan URL

URL: https://www.unian.net/multimedia/photo
Title: Фото

Search URL Search Domain Scan URL

URL: https://www.unian.net/multimedia/video
Title: Видео

Search URL Search Domain Scan URL

URL: https://www.unian.net/detail/opinions
Title: Мнения

Search URL Search Domain Scan URL

URL: https://www.unian.net/detail/publications
Title: Публикации

Search URL Search Domain Scan URL

URL: https://www.unian.net/detail/interviews
Title: Интервью

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/press/live
Title: Пресс-центр

Search URL Search Domain Scan URL

URL: https://www.unian.net/news/archive
Title: Архив

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/contacts
Title: Контакты

Search URL Search Domain Scan URL

URL: https://www.unian.net/editors
Title: Редакция

Search URL Search Domain Scan URL

URL: https://www.unian.ua/
Title: Укр

Search URL Search Domain Scan URL

URL: https://rss.unian.net/site/news_rus.rss

Search URL Search Domain Scan URL

URL: https://www.unian.net/detail/all_news
Title: Лента новостей

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/ukrainskiy-trener-s-moldavskim-klubom-pobedil-madridskiy-real-v-lige-chempionov-novosti-futbola-11560504.html
Title: Украинский тренер с молдавским клубом победил мадридский Реал в Лиге чемпионов (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/razumkov-uveryaet-chto-u-nego-net-konflikta-so-slugoy-naroda-novosti-ukraina-11560498.html
Title: Разумков уверяет, что у него нет конфликта со "Слугой народа"

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/holidays/kakoy-prazdnik-29-sentyabrya-2021-chto-otmechaem-segodnya-11559526.html
Title: 29 сентября 2021 - какой сегодня праздник, приметы и именинники, что сегодня нельзя делать

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/ne-nado-delat-menya-babushkoy-katya-osadchaya-trogatelno-pozdravila-starshego-syna-s-19-letiem-11560027.html
Title: "Не надо делать меня бабушкой": Катя Осадчая трогательно поздравила старшего сына с 19-летием

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/stalo-izvestno-kogda-rada-rassmotrit-proekty-postanovleniy-blokiruyushchih-zakon-ob-oligarhah-novosti-ukraina-11560480.html
Title: Стало известно, когда Рада рассмотрит проекты постановлений, блокирующих закон об олигархах

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/kino/kassetu-s-prezhde-neizvestnoy-pesney-dzhona-lennona-za-1-5-milliona-griven-11560495.html
Title: Кассету с прежде неизвестной песней Джона Леннона продали за 1,5 миллиона гривень

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/eto-ochen-prestizhnyy-rezultat-trener-shahtera-ob-igre-s-interom-v-matche-lch-novosti-futbola-11560486.html
Title: "Это очень престижный результат": тренер Шахтера - об игре с Интером в матче ЛЧ

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/ukraincam-sovetuyut-proverit-karmany-tam-mogut-byt-zamaskirovannye-10-tysyach-griven-novosti-ukraina-11560477.html
Title: Украинцам советуют проверить карманы: там могут "прятаться" 10 тысяч гривень

Search URL Search Domain Scan URL

URL: https://www.unian.net/world/v-minske-aytishnik-otkryl-ogon-po-silovikam-vorvavshimsya-v-ego-kvartiru-video-novosti-mira-11560471.html
Title: В Минске айтишник открыл огонь по силовикам, ворвавшимся в его квартиру (видео)

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/derzkoe-zayavlenie-trener-bavarii-uveren-chto-ego-komanda-obygraet-dinamo-v-matche-ligi-chempionov-novosti-futbola-11560462.html
Title: Дерзкое заявление: тренер Баварии уверен, что его команда обыграет Динамо в матче Лиги чемпионов

Search URL Search Domain Scan URL

URL: https://www.unian.net/incidents/v-chernigove-osudili-trenera-po-greble-na-zanyatiyah-kotorogo-utonul-podrostok-novosti-ukraina-11560450.html
Title: В Чернигове осудили тренера по гребле, на занятиях которого утонул подросток

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/vo-vremya-rassmotreniya-zakona-ob-oligarhah-deputatov-namerenno-vveli-v-zabluzhdenie-razumkov-novosti-ukraina-11560426.html
Title: Во время рассмотрения закона об олигархах депутатов "намеренно ввели в заблуждение" - Разумков

Search URL Search Domain Scan URL

URL: https://www.unian.net/science/amazon-pokazala-svoego-pervogo-robota-dlya-doma-astro-video-novosti-11560423.html
Title: Amazon показала своего первого робота для дома Astro (видео)

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/dezhavyu-shahter-snova-otobral-ochki-u-intera-v-lige-chempionov-novosti-futbola-11560414.html
Title: Дежавю: Шахтер снова отобрал очки у Интера в Лиге чемпионов (видео)

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/shahter-inter-onlayn-translyaciya-matcha-ligi-chempionov-novosti-futbola-11559313.html
Title: Шахтер - Интер - 0:0: онлайн-трансляция и обзор матча Лиги чемпионов

Search URL Search Domain Scan URL

URL: https://health.unian.net/country/uzhe-betsya-v-grudi-v-ukraine-peresadili-donorskoe-serdce-12-letney-devochke-video-novosti-kieva-11560402.html
Title: Уже бьется в груди: в Украине пересадили донорское сердце 12-летней девочке (фото, видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/energetics/ne-bolshe-chem-rasschitano-v-kabmine-sdelali-zhestkoe-zayavlenie-otnositelno-tarifov-na-otoplenie-i-goryachuyu-vodu-novosti-segodnya-11560396.html
Title: "Не больше, чем рассчитано": в Кабмине сделали жесткое заявление по тарифам на отопление и горячую воду

Search URL Search Domain Scan URL

URL: https://health.unian.net/country/ukraina-popadet-v-troyku-krupnyh-stran-evropy-po-urovnyu-zabolevaemosti-covid-19-v-kse-nazvali-sroki-novosti-ukrainy-11559700.html
Title: Украине спрогнозировали "коронавирусное" антилидерство в Европе: в KSE назвали сроки

Search URL Search Domain Scan URL

URL: https://www.unian.net/incidents/na-ulice-sklonyal-k-intimu-14-letnyuyu-v-odesse-muzhchina-popal-v-izolyator-za-razvrashchenie-devochki-foto-novosti-odessy-11560393.html
Title: На улице склонял к интиму 14-летнюю: в Одессе мужчина попал в изолятор за развращение девочки (фото)

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/pritula-zayavil-o-sozdanii-sobstvennoy-politicheskoy-partii-novosti-ukraina-11560384.html
Title: Притула заявил о создании собственной политической партии

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/zhiteley-i-gostey-kieva-predupredili-o-vozvrashchenii-adskih-probok-na-yuzhnom-mostu-video-novosti-kieva-11560378.html
Title: Жителей и гостей Киева предупредили о возвращении адских пробок на Южном мосту (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/transport/iz-ukrainy-v-kitay-vyehal-pervyy-gruzovoy-poezd-foto-novosti-ukraina-11560372.html
Title: Из Украины в Китай выехал первый грузовой поезд (фото)

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/kino/netflix-pokazal-treyler-temnokozhego-vesterna-tem-bolnee-padat-s-idrisom-alboy-11560369.html
Title: Netflix показал трейлер "темнокожего" вестерна "Тем больнее падать" с Идрисом Эльбой

Search URL Search Domain Scan URL

URL: https://www.unian.net/curiosities/na-odeschine-muzhchina-predlagal-devushkam-svoy-selderey-i-poluchil-nizshiy-bal-video-novosti-odessy-11560342.html
Title: На Одесчине мужчина предлагал девушкам свой "сельдерей" и получил "низший бал" (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/gitarist-judas-priest-popal-v-bolnicu-iz-za-sereznyh-problem-s-serdcem-11560363.html
Title: Гитарист Judas Priest попал в больницу из-за серьезных проблем с сердцем

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/klichko-podaril-usiku-chempionskiy-poyas-wbc-na-udachu-novosti-kieva-11560354.html
Title: Кличко подарил Усику чемпионский пояс WBC на удачу

Search URL Search Domain Scan URL

URL: https://www.unian.net/ecology/bla-bla-bla-greta-tunberg-epichno-otrugala-mirovyh-liderov-iz-za-problem-s-mirovoy-ekologiey-video-11560351.html
Title: "Бла-бла-бла":Грета Тунберг эпично отругала мировых лидеров из-за проблем с мировой экологией (видео)

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/zarya-roma-prognoz-bukmekerov-na-match-ligi-konferenciy-novosti-futbola-11560330.html
Title: Заря - Рома: прогноз букмекеров на матч Лиги конференций

Search URL Search Domain Scan URL

URL: https://www.unian.net/world/eks-sovetnica-trampa-zapodozrila-putina-ispolzovanii-krasivoy-perevodchicy-na-vstreche-v-2019-godu-novosti-mira-11560339.html
Title: Экс-советница Трампа заподозрила Путина в "использовании" красивой переводчицы на встрече в 2019 году

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/energetics/v-evrokomissii-vpervye-otreagirovali-na-gazovuyu-sdelku-vengrii-i-gazproma-novosti-segodnya-11560321.html
Title: В Еврокомиссии впервые отреагировали на газовую сделку Венгрии и "Газпрома"

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/energetics/ukrkoks-prizval-nkreku-i-ukrenergo-snizit-tarif-na-peredachu-elektroenergii-resurs-est-novosti-segodnya-11560312.html
Title: "Укркокс" призвал НКРЭКУ и "Укрэнерго" снизить тариф на передачу электроэнергии: ресурс есть

Search URL Search Domain Scan URL

URL: https://www.unian.net/russianworld/v-rf-planiruyut-zastavit-nekotoryh-grazhdan-otchityvatsya-o-poezdkah-za-granicu-komu-ne-povezlo-novosti-rossii-11560309.html
Title: В РФ планируют заставить некоторых граждан отчитываться о поездках за границу: кому не повезло

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/dolzhniki-po-alimentam-ne-budut-poluchat-subsidiyu-minsocpolitiki-novosti-ukraina-11560300.html
Title: Должники по алиментам не будут получать субсидию – Минсоцполитики

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/populyarnogo-artista-zapodozrili-v-minirovanii-rossiyskoy-shkoly-11560297.html
Title: Популярного артиста заподозрили в минировании российской школы

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/bavariya-dinamo-gde-smotret-match-ligi-chempionov-novosti-futbola-11560288.html
Title: Бавария - Динамо: где смотреть матч Лиги чемпионов

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/ukrzaliznycya-rasprodaet-neprofilnye-aktivy-na-prozorro-ceny-vozrosli-v-5-20-raz-ot-startovyh-novosti-ukraina-11560282.html
Title: "Укрзализныця" распродает непрофильные активы на "Прозорро": цены возросли в 5-20 раз от стартовых

Search URL Search Domain Scan URL

URL: https://sport.unian.net/boxing/usik-dzhoshua-promouter-ukrainca-nazval-datu-revansha-novosti-boksa-11560270.html
Title: Усик - Джошуа: промоутер украинца назвал дату реванша

Search URL Search Domain Scan URL

URL: https://health.unian.net/country/v-lucke-iz-za-vspyshki-covid-19-v-detdome-gospitalizirovali-17-vospitannikov-novosti-ukrainy-11560264.html
Title: В Луцке из-за вспышки COVID-19 в детдоме госпитализировали 17 воспитанников

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/umopomrachitelnyy-opyt-populyarnaya-pevica-vstretila-inoplanetyan-11560261.html
Title: "Умопомрачительный опыт": популярная певица встретила инопланетян

Search URL Search Domain Scan URL

URL: https://www.unian.net/games/v-etom-mesyace-supergeroyskiy-ekshen-marvel-s-avengers-stanet-besplatnym-dlya-podpischikov-xbox-game-pass-igry-11560249.html
Title: В этом месяце супергеройский экшен Marvel's Avengers станет бесплатным для подписчиков Xbox Game Pass

Search URL Search Domain Scan URL

URL: https://www.unian.net/tourism/news/v-mid-rasskazali-chto-bolshe-vsego-uderzhivaet-inostrancev-ot-puteshestviy-v-ukrainu-novosti-11560240.html
Title: В МИД рассказали, что больше всего удерживает иностранцев от путешествий в Украину

Search URL Search Domain Scan URL

URL: https://sport.unian.net/boxing/usik-zayavil-chto-povezet-chempionskie-poyasa-v-okkupirovannyy-krym-novosti-boksa-11560231.html
Title: Усик заявил, что повезет чемпионские пояса в оккупированный Крым

Search URL Search Domain Scan URL

URL: https://www.unian.net/ecology/v-karpatskie-reki-vpervye-vypustili-tysyachi-malkov-lososya-foto-11560210.html
Title: В карпатские реки впервые выпустили тысячи мальков лосося (фото)

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/nozh-rezinki-i-pachka-deneg-chto-nosit-v-sumochke-alina-grosu-video-11560207.html
Title: Нож, резинки и пачка денег: что носит в сумочке Алина Гросу (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/ukraincam-iz-krasnyh-zon-karantina-podnimut-normy-potrebleniya-dlya-rascheta-subsidii-lazebnaya-novosti-ukraina-11560216.html
Title: Украинцам из "красных" зон карантина поднимут нормы потребления для расчета субсидии - Лазебная

Search URL Search Domain Scan URL

URL: https://www.unian.net/curiosities/v-ssha-shamanka-varila-medvezhyu-mochu-i-ustroila-masshtabnyy-lesnoy-pozhar-poslednie-novosti-11560201.html
Title: В США шаманка "варила медвежью мочу" и устроила масштабный лесной пожар

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/other/zhizn-v-centre-kieva-15-minutnyy-gorod-bez-ogovorok-poslednie-novosti-11560030.html
Title: НК Жизнь в центре Киева: 15-минутный город без оговорок

Search URL Search Domain Scan URL

URL: https://www.unian.net/science/v-oktyabre-mozhno-uvidet-dva-zvezdopada-kogda-luchshe-vsego-nablyudat-novosti-11560195.html
Title: В октябре можно увидеть два звездопада: когда лучше всего наблюдать

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/komarovskiy-zayavil-chto-fizkultura-v-shkole-ne-nuzhna-novosti-ukrainy-11560189.html
Title: Комаровский заявил, что физкультура в школе не нужна

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/other/v-kabmine-pohvastalis-fantasticheskimi-uspehami-diji-i-anonsirovali-novyy-sammit-poslednie-novosti-11560180.html
Title: В Кабмине похвастались "фантастическими" успехами "Дії" и анонсировали новый саммит

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/v-ukraine-vyrosla-srednyaya-zarplata-gosstat-novosti-ukraina-11560177.html
Title: В Украине выросла средняя зарплата - Госстат

Search URL Search Domain Scan URL

URL: https://www.unian.net/tourism/news/zimniy-otdyh-2021-2022-kakie-turisticheskie-napravleniya-budut-dostupny-ukraincam-novosti-11560162.html
Title: Украинцам рассказали, чего ожидать от зимнего туристического сезона

Search URL Search Domain Scan URL

URL: https://www.unian.net/science/astronavt-snyal-samoe-kachestvennoe-foto-polyarnogo-siyaniya-na-zemle-novosti-11560171.html
Title: Астронавт снял самое качественное фото полярного сияния на Земле

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/ceremoniya-nagrazhdeniya-i-dj-set-ot-arahamii-smi-uznali-programmu-vstrechi-slug-v-truskavce-novosti-ukraina-11560117.html
Title: Церемония награждения и dj-сет от Арахамии: СМИ узнали программу встречи "слуг" в Трускавце

Search URL Search Domain Scan URL

URL: https://health.unian.net/intimacy/psiholog-obyasnila-mozhno-li-schitat-flirt-izmenoy-11559718.html
Title: Психолог объяснила, можно ли считать флирт изменой

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/style/modnye-kurtki-osen-zima-2021-2022-idei-foto-11560159.html
Title: Модные куртки осень-зима 2021: самые стильные идеи (фото)

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/v-minsocpolitiki-ozvuchili-sredniy-razmer-subsidii-na-etu-zimu-novosti-ukraina-11560153.html
Title: В Минсоцполитики озвучили средний размер субсидии на эту зиму

Search URL Search Domain Scan URL

URL: https://www.unian.net/kyiv/povoroznik-budet-suditsya-s-byvshim-prodyuserom-comedy-club-iz-za-lzhi-novosti-kieva-11560144.html
Title: Поворозник будет судиться с бывшим продюсером "Comedy Club" из-за лжи

Search URL Search Domain Scan URL

URL: https://www.unian.net/pogoda/news/sreda-vstretit-kievlyan-pasmurnoy-i-prohladnoy-pogodoy-prognoz-na-29-sentyabrya-novosti-kieva-11559919.html
Title: Среда встретит киевлян пасмурной и прохладной погодой: прогноз на 29 сентября

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/astrology/goroskop-na-29-sentyabrya-chto-zhdet-zavtra-vse-znaki-zodiaka-11559418.html
Title: Гороскоп на 29 сентября: что ждет завтра все знаки Зодиака

Search URL Search Domain Scan URL

URL: https://www.unian.net/incidents/v-harkove-troih-policeyskih-podozrevayut-v-napadenii-i-ograblenii-dvuh-prohozhih-novosti-harkova-11560120.html
Title: В Харькове троих полицейских подозревают в нападении и ограблении двух прохожих

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/na-distancionnoe-obuchenie-v-ukraine-pereshli-bolee-3000-shkol-bolshe-vsego-na-lvovshchine-video-novosti-lvova-11560138.html
Title: На дистанционное обучение в Украине перешли более 3 тысячи школ: больше всего - на Львовщине (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/grimes-posle-razryva-s-ilonom-maskom-vzyalas-za-sozdanie-lesbiyskoy-kommuny-11560135.html
Title: Grimes после разрыва с Илоном Маском взялась за создание "лесбийской коммуны"

Search URL Search Domain Scan URL

URL: https://www.unian.net/russianworld/v-rossiyskoy-shkole-razgorelsya-skandal-iz-za-uchitelya-zastavlyavshego-detey-molitsya-allahu-video-novosti-rossii-11560129.html
Title: В российской школе разгорелся скандал из-за учителя, "заставлявшего" детей молиться Аллаху (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/kino/tayny-vostoka-i-effektnoe-video-v-pustyne-etolubov-prezentuet-reliz-prityazhenie-11560111.html
Title: Тайны Востока и эффектное видео в пустыне: ETOLUBOV презентует релиз "Притяжение"

Search URL Search Domain Scan URL

URL: https://www.unian.net/politics/semenchenko-kotoryy-golodaet-bolee-60-dney-uzhe-ne-nahoditsya-v-izolyatore-sbu-zhena-novosti-ukraina-11560114.html
Title: Семенченко, который голодает более 60 дней, уже не находится в изоляторе СБУ – жена

Search URL Search Domain Scan URL

URL: https://www.unian.net/pogoda/news/v-ukrainu-mchitsya-poholodanie-uzhe-zavtra-temperatura-upadet-do-10-karta-sinoptik-11559784.html
Title: В Украину несется похолодание: уже завтра температура упадет до +1° (карта)

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/v-ofise-ombudsmena-podschitali-chto-muzhchiny-i-zhenshchiny-posle-razvoda-odinakovo-narushayut-prava-rebenka-novosti-ukrainy-11560099.html
Title: В Офисе омбудсмена подсчитали, что мужчины и женщины после развода одинаково нарушают права ребенка

Search URL Search Domain Scan URL

URL: https://www.unian.net/war/ukrainskie-voennye-trenirovalis-na-priazove-bit-po-vragu-iz-gradov-i-giacintov-foto-novosti-donbassa-11560087.html
Title: Украинские военные тренировались на Приазовье бить по "врагу" из "Градов" и "Гиацинтов" (фото)

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/amerikanec-vynuzhdenno-zhivet-v-terminale-borispolya-spit-na-stulyah-i-moetsya-v-tualetah-video-novosti-kieva-11560093.html
Title: Американец вынужденно живет в терминале Борисполя: спит на стульях и моется в туалетах (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/economics/finance/v-ukraine-nachal-deshevet-dollar-novosti-ukraina-11560084.html
Title: В Украине начал дешеветь доллар

Search URL Search Domain Scan URL

URL: https://www.unian.net/lite/stars/kak-vam-takoy-povorot-lesya-nikityuk-pohvastalas-roskoshnym-buketom-ot-taynogo-poklonnika-11559970.html
Title: "Как вам такой поворот?": Леся Никитюк похвасталась роскошным букетом от тайного поклонника

Search URL Search Domain Scan URL

URL: https://www.unian.net/society/sbu-obyavila-podozrenie-eshche-trem-licam-prichastnym-k-partii-shariya-novosti-ukrainy-11560072.html
Title: СБУ объявила подозрение еще трем лицам, причастным к "партии Шария"

Search URL Search Domain Scan URL

URL: https://www.unian.net/incidents/avto-medlenno-ehalo-k-reke-poyavilis-podrobnosti-zagadochnoy-gibeli-treh-muzhchin-na-poltavshchine-video-novosti-ukraina-11560063.html
Title: Авто медленно ехало к реке: появились подробности загадочной гибели трех мужчин на Полтавщине (видео)

Search URL Search Domain Scan URL

URL: https://sport.unian.net/football/yunosheskaya-liga-uefa-shahter-poterpel-pervoe-porazhenie-v-turnire-novosti-futbola-11560069.html
Title: Юношеская лига УЕФА: Шахтер потерпел первое поражение в турнире (видео)

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/siterules/
Title: Правила пользования сайтом

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/policy
Title: Политика конфиденциальности

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/about
Title: О нас

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/editorial-policy
Title: Редакционная политика

Search URL Search Domain Scan URL

URL: https://www.unian.net/socials
Title: Мы в соцсетях

Search URL Search Domain Scan URL

URL: https://www.unian.net/static/siterules
Title: cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://gaua.hit.gemius.pl/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwindow.unian.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=177&lsdata=7dJ7ipSg7dOehoJ1JAbBeH4MktLcfg0M4OEBJpZveGf.772xq9RevvreeH8uWsxQwWDnBtXDK4wF9KuQ8LPWUZ83bjT7/2.GBk9qwE4Q1W/&fpdata=7Vnb4nkJelJEF24nZ2LrYtcBygIWUcbNxEhnsoJRwMf.37&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwindow.unian.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=177&lsdata=7dJ7ipSg7dOehoJ1JAbBeH4MktLcfg0M4OEBJpZveGf.772xq9RevvreeH8uWsxQwWDnBtXDK4wF9KuQ8LPWUZ83bjT7/2.GBk9qwE4Q1W/&fpdata=7Vnb4nkJelJEF24nZ2LrYtcBygIWUcbNxEhnsoJRwMf.37&vis=1&fpcap=

Request Chain 103

https://ads.us.e-planning.net/pbjs/1/2e43c/1/window.unian.net/ROS?rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian.net%2F&pbv=4.41.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwindow.unian.net%2F&e_pubcid=db43585f-b454-4d67-8ffa-0fa380a27447 HTTP 302
https://ads.us.e-planning.net/hb/1/2e43c/1/window.unian.net/ROS?ct=1&r=pbjs&rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian.net%2F&pbv=4.41.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwindow.unian.net%2F&e_pubcid=db43585f-b454-4d67-8ffa-0fa380a27447

Request Chain 110

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ae7c8e5f-1f46-46f4-b688-500534fde53b

Request Chain 111

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cabd748f04f8d49b

164 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
window.unian.net/ 90 KB
24 KB 438ms
372ms Document
text/html 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f85be2c783ccf8b19608e20ff730df7fceade5315b6769711a6b243366c345bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: window.unian.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding User-Agent
set-cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u; path=/; secure; HttpOnly
cache-control: public, s-maxage=60
link: <https://window.unian.ua/>; rel="alternate"; hreflang="uk", <https://window.unian.net/>; rel="alternate"; hreflang="ru"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache: BYPASS; Tue, 28 Sep 2021 21:36:57 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3im%2B%2FvdOHgHdme%2BmLgt6fvlV8eV9AWUFJ4vZh6qI6AOfAmL64C5Br6dF61ybn1ood4RT2U7OJ7m5ukE%2FifbB%2F%2FwdpL5rjD3OjcyIrSjhMG%2FPB3yVIDfM1IsqLvARsiP1mOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 69601c350cd9425d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 latomedium.woff
window.unian.net/build/assets/fonts/Lato/ 59 KB
60 KB 30ms
28ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Lato/latomedium.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503aa0afd924263e23e5fbe885c36ad5373a0cbf22c24b104032cef8fb831571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Lato/latomedium.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1244096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60696
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25gDWciLMACdgkhPPLoZdxuC4RFiwGHFKzFg5%2ByKyFBPxcVHkXk1iPYvNFB8jZL5wxij6rOkbmg9I0%2FDSpR%2BEzpBneSTDEqa99%2FKbqKEPfDbi2BNyOBegGUY2Z5C4meEnV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c378887425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS55F-webfont.woff
window.unian.net/build/assets/fonts/PTSans/ 135 KB
135 KB 48ms
46ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/PTSans/PTS55F-webfont.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7c52a5da90dfe325ba1633ab58b3ed2d495dd440a248a6e9f5944e04178a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/PTSans/PTS55F-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137932
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AffdLjv4NVSE0IBd10pGKaDomum2eSwxP6HEcm2dNMxy5euwohiKTo5jMnMTKL72FNz2Me7kN7kZg1jXGrBltiD32nGerZVGdOe%2F7pORjjQuM2NwMJFh1Mo2kLVkXB9EILo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c378889425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS56F-webfont.woff
window.unian.net/build/assets/fonts/PTSans/ 41 KB
41 KB 47ms
46ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/PTSans/PTS56F-webfont.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83b4c7d6f3278b8dfd1cbf392c84ca4e4032c1c988c7fa93cd343395a936346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/PTSans/PTS56F-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41508
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeTMcn36S%2BoLnsoqm2KHDILm4CpWjJVTOKIewiIKclQdjYFFUn37IYJBCl%2F72B2gBGwivJ01qgFYtu34PViXFl6Purnj2evotmHBnx3ypMKo1p9RzMgXWOKf8U%2BmAc4kZxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c37888b425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PTS75F-webfont.woff
window.unian.net/build/assets/fonts/PTSans/ 39 KB
39 KB 64ms
63ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/PTSans/PTS75F-webfont.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775ddd9cbfd52574866001b5fee64556f7727fd135605f0c639aed1bde9911d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/PTSans/PTS75F-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39760
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BRmX27b5NEMjBIQ9fu3TjOMxzMzRC4b8%2BtyqV%2BHTTXC3bB6x7h4hvmmWy%2FbGGPqO7vcjk0zKuT1kB2p5HSK24e7UDW9Khm%2Fd9CxoEizRZKN0gWkEI8ZNRRopb4RuxAxecY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c37888d425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ptsans.woff
window.unian.net/build/assets/fonts/PTSans/ 31 KB
31 KB 46ms
45ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/PTSans/ptsans.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5124ec463a3a065f6bcc61e1a19e261c2a46bfd70ed71df0f5ce6489171ad4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/PTSans/ptsans.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31620
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmnVldknqXoEedEcWPKOLi%2FGkCI0Z5R8wATLJicKtiUT77Cz4DqYam%2FbFBwlsQO87N2gaPBdC4NCEJAXjaacozK22tVir%2FUbqhxjUmBmtggPtqRGZg6%2FWOuNJ8ZqzuucpQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c378894425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 permianseriftypeface.woff
window.unian.net/build/assets/fonts/Permianserif/ 32 KB
32 KB 47ms
47ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Permianserif/permianseriftypeface.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c99bd086c32eeba518bee198628e250e82cc8f55ffc9b50e0c3b0727b67758a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Permianserif/permianseriftypeface.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32440
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsc6TUqKMw1Q37vstQuhw%2FCVEmrjEHGZrKh5i%2BmpHTYSb74Ydw6HqUifrXG2eASSTCn9a9RKS5jLEDjfdohjLeAQvysAMRn0Lw8eTrRfjuo7aUJ5L1wiHboxmRY3Llupu1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c378895425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rubrics.e3446b281bfced1be31c1aa589a4ed27.css
window.unian.net/build/ 111 KB
22 KB 44ms
44ms Stylesheet
text/css 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fffaa0124ef1a21c5b5239151cfc7b4aaeeeec037bf0b0014161f12f8bb31b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89210
cf-polished: origSize=113903
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 13:31:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxJsW%2F9tXPwNufbUcNv293SEa1qga2Z7%2F1A%2Bu4eRv51NarVlDCiJbDpHZ1kWePmlku9nLHdP%2Fyc2rDvduxRWNRMvRfiHX8Vv9WN3f8ELL8EFr0ECOIETm3ch3B5WCP%2FVlog%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 69601c378896425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 unian-logo.svg
window.unian.net/images/ 4 KB
2 KB 31ms
28ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://window.unian.net/images/unian-logo.svg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e906a81c69cc3d30f4a9c6fa50b5c3fc5756c9acabfbeaed66e170e62d12f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /images/unian-logo.svg
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1323803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Sep 2017 10:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsV1v0ByXLVxMkFFtwHyGMzD7GaQKv6vrpFrZAmInXPGm5pnE3403Co1W44f0Lc2xShwvZpG40B8AY7IYz4Ok327kIfQkvx0xWkhSQY7uRTFj3Io%2BmAMoV0Di15rZeoIWCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 69601c37e85a06a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 860_470_1622011568-3909.jpg
images.unian.net/photos/2021_05/thumb_files/ 19 KB
20 KB 60ms
41ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2021_05/thumb_files/860_470_1622011568-3909.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9e252a0e37cb51815857c61f23ce69133512c50d53a94477e7feb390cc9b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89210
cf-polished: qual=85, origFmt=jpeg, origSize=33065
content-disposition: inline; filename="860_470_1622011568-3909.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19490
last-modified: Wed, 26 May 2021 06:46:27 GMT
server: cloudflare
etag: "43d48a46644e4b3e26ff08cb1e3bec79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luCd3MalReE978UVPczZFB9lH4qe8OT89ypSgzKSMmuSha5pE9VoRxl8Qu5lk2ZNj013L48IzpqyK9GQFbHcWhu8RelgGZF%2BxsNu0OPKpIezAagQ%2FC6zzkEZA5ZWWbN1Pio%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 26 Sep 2031 21:36:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69601c380947425d-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 20:50:07 GMT
cf-bgj: imgq:85,h2pri

GET
H2 200 ajax-loader.svg
www.unian.net/images/ 947 B
571 B 55ms
39ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/images/ajax-loader.svg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1329135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Dec 2019 13:36:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu0VO92ODzjAFUhfElsdRAzb%2BkIHCLutxtIXjniQ08MSlzALChRbaL%2B707FU9j4%2BMvB1dcpPR5RcBWJvdlhc3A2waNDSwqMCVJ%2B3Ri51m95rYw%2BEgtAHvxIUxu%2FBjjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 69601c380940425d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ajax-loader.svg
window.unian.net/images/ 947 B
874 B 30ms
29ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://window.unian.net/images/ajax-loader.svg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /images/ajax-loader.svg
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Dec 2019 13:36:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aunhEHXxIHN0wS2IXQbiyUv84e3JN4I0Q7%2FF7XsdbZ%2Fu0UdvFglyXSZ%2BMjJJK8S7JNYyAv9VsJ7EauTqpJsS98N8cSmh%2Fdx%2BEaVsD5ssYFHuIPi0hKdUeU0jZeLezEehaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 69601c37e85c06a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 owl-carousel.37085af0d4bffb0f050f2e0a01680cc6.css
window.unian.net/build/ 3 KB
1 KB 30ms
29ms Stylesheet
text/css 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/owl-carousel.37085af0d4bffb0f050f2e0a01680cc6.css

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829e6123b34ec0433c2ee65a79589cb48bab763d75504fb4d9e7cb6c90ea328f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /build/owl-carousel.37085af0d4bffb0f050f2e0a01680cc6.css
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1244935
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Dec 2020 09:07:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sutV7kB0cH6vuJZxPXgQxBXOm0%2Fxyx1jGFvQZhMBgmI3Y4cTkzw7Rsyrh7qSfDyH11T3wuVQqnWbf4Bx1Sy8KpLU3yf28FAoEYYXeJZ8k4uVubY08yZ9skWVv%2FqWtup2GRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 69601c37e85706a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vendor.e1eebaac35424523b02f.js Show response
window.unian.net/build/ 179 KB
54 KB 35ms
33ms Script
application/javascript 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/vendor.e1eebaac35424523b02f.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9269a95531d695434bae92d5844264849a67fb28f16faa2a4e863e05f8aae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /build/vendor.e1eebaac35424523b02f.js
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
cf-polished: origSize=182949
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 26 Jul 2021 14:55:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXHDB%2FmYPMh3FelLiCC5QsAAOsbW4MVMXtVlbIZrC10Uk%2BGu%2Fj8jUGgDZ0Pp1btpzzuUIBTsLuyr4SJU9OThGnmOMjHhA6T%2FSAJGG6WCqk%2FaWHZfyqQO3Kd2P4OzNd%2FHcTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 69601c37e85806a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 desktop.10270d02561f04e6bd40.js Show response
window.unian.net/build/ 307 KB
96 KB 91ms
88ms Script
application/javascript 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/desktop.10270d02561f04e6bd40.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7555db18dfc7cdb715dc618471fdb1c9ddbd210720e00bd7277c42ce51832b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /build/desktop.10270d02561f04e6bd40.js
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: window.unian.net
referer: https://window.unian.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623124
cf-polished: origSize=314891
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 12:08:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHfMaEK1iCTtO0bPhk9TLq5Eb6LhA%2B%2B6pkYmigNHVE7hb%2FGfsg9IDaLKnSO4J2U1K5O8zKLyCCXzFEvr5Zbvj77bL1qTAn2A20tfdFRWNp95vUhhWeIiqdqbFpWRAlPIWN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: max-age=315360000
cf-ray: 69601c37e85906a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app.js Show response
push.1plus1.ua/js/ 100 KB
34 KB 237ms
89ms Script
application/javascript 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://push.1plus1.ua/js/app.js
Requested by: Host: window.unian.net
URL: https://window.unian.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: b9f9f54f53824a3f573716c3902f9cc6c8d2c96b3c37b72627c3cfe44255948c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 21:36:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Aug 2021 11:01:26 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 05 Oct 2021 21:36:57 GMT

GET
H2 200 widget Show response
www.unian.net/pogoda/ 8 KB
3 KB 316ms
300ms Script
text/html 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.net/pogoda/widget?lang=ru&source=unian

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59fe2bd2ab9abc737ef7b6d2145ab6b01301165b06d88a3dc0c6ee59a56a4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, User-Agent
x-cache: BYPASS; Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgl8ODYg%2Bec3KOdwdaHRl1H87%2Bk%2Fzg8RNQr6f6MujnpCc7g4JbBFanCYhXQZYUyLwKyeca9fyYyLGi%2FoiF4Nc8F63iwgWV5PhLl70%2FCt2OY4aLDDt%2FvEeVbhJ5kBrFo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
strict-transport-security: max-age=15552000
cf-ray: 69601c380945425d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 widget Show response
www.unian.net/pogoda/ 7 KB
1 KB 327ms
311ms Script
text/html 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unian.net/pogoda/widget?type=footer&lang=ru&source=unian

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb384bbcee8b031f1e89f8e75d8f1576445c6062b1cd7cf5e19979617163de74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, User-Agent
x-cache: BYPASS; Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38fsgp4qp7AvBFFOrezbaVg%2FL%2BWL%2B7aS64XA7pHWQrDIC%2BdHgIaE72tFs%2FMYBoua15LknJR6afswpfddQQRlvTaVdfSpRa4JIprnY24tZIsD0jGayLLAdK4WUSfopDc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
strict-transport-security: max-age=15552000
cf-ray: 69601c380943425d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
48 KB 91ms
33ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

04b8ae1d5a18323d904e3634b1d6cfea42ac45af2035f61427179e87c0a28f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48134
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 start-page.png
window.unian.net/build/web/images/ 124 B
811 B 55ms
55ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://window.unian.net/build/web/images/start-page.png

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2670c8b666ffeaa47b2f89eabed404a0dbb037d9115b1925af324db5330756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:path: /build/web/images/start-page.png
pragma: no-cache
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
cf-polished: origFmt=png, origSize=216
content-disposition: inline; filename="start-page.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 124
last-modified: Thu, 16 May 2019 12:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIOPu4u94pP%2BbNRa2Ewl4suNT%2F12zEYEdBWHHTpRWn8%2Bfdur7gTUTej0Trc9y025OSdJwiBZ66dMbcdd9wF%2BveGWPLyi7tbmxui7ynaKNij9d3Yst6A2fbEgsa%2BYksDu0tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38088c06a2-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 fontawesome-webfont.woff
window.unian.net/build/assets/fonts/Fontawesome/ 96 KB
96 KB 53ms
52ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Fontawesome/fontawesome-webfont.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Fontawesome/fontawesome-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98024
last-modified: Mon, 27 Nov 2017 10:11:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSoBLinOrw6SZu%2Fd5vPSrd5WW27sTXmKk4GyfcS0KqIce4lzJKaWGuRd5I7UGBQaZqC4qP%2BC5U%2FzoF1v%2FVvcSO%2BEa3Ql8sTcK4T5%2F3rjLBfmNh8dBvRBWcwglR%2F9beGbnPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38089a06a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 unianicon.woff
window.unian.net/build/assets/fonts/unian-icon/ 5 KB
6 KB 90ms
89ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/unian-icon/unianicon.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/unian-icon/unianicon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 393921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5588
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJZ9YkKqkB%2BEIHlNn3EYZt7Csuly68JnF7GdrIc0MdL%2Bhbf55l4VY1P8OHulRjGM6gUV9suSQQqWoZ8YkKyQY19t5sT9xdXmCrd960mXv3QYcBxyB5HcycGTngvWtL%2BWEDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38089c06a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latoblack.woff
window.unian.net/build/assets/fonts/Lato/ 53 KB
54 KB 90ms
89ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Lato/latoblack.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Lato/latoblack.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54344
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV9NKB%2B0%2B0ePUBkr6%2B4GBUmdo9fu0MAAYCvkvhgCY0yaWQkQGFPHHCpQQNs6Y3%2FRldfIjGrAGvsbxMvcSfE2gLFfUpBwvXsi41y2IdbJTScy38E95EBkxXFRBCwGqupCP0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38089e06a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latosemibold.woff
window.unian.net/build/assets/fonts/Lato/ 59 KB
60 KB 100ms
99ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Lato/latosemibold.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Lato/latosemibold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1244095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60596
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isluP8el3TnUqyhGNd1TBTeAiAc4pJKe842HHpa7%2Bv1Z%2BgKkqlv5tk0mSFKa74B6XLXehFgCXlmWz1NqNePtnb7FAfOxRs%2F4j4l%2FjVuCpz7XWSfx5o0TAssqQLmzMBmcxd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c3808a106a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latoregular.woff
window.unian.net/build/assets/fonts/Lato/ 59 KB
60 KB 107ms
106ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Lato/latoregular.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Lato/latoregular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60888
last-modified: Thu, 14 Sep 2017 10:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XrprYnoCAuQVMqqMNfIOZf4V1q8TQjk%2B8Q7oXj1B96aETCX5rhFl%2FUKT26%2FqlDMORq7sgQSiq1SoooLZIl%2F%2F6DnFC3bJPf92rwct951aaVK0LED15p8iTn0QR2qIwRU4Ek%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c3808a506a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 latobold.woff
window.unian.net/build/assets/fonts/Lato/ 56 KB
56 KB 108ms
108ms Font
font/woff 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://window.unian.net/build/assets/fonts/Lato/latobold.woff

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-fetch-mode: cors
origin: https://window.unian.net
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=u6n5c9bbn7jr5b9dil2ini934u
:path: /build/assets/fonts/Lato/latobold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: window.unian.net
referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://window.unian.net/build/rubrics.e3446b281bfced1be31c1aa589a4ed27.css
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1244095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57172
last-modified: Wed, 10 Jan 2018 09:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9U2ySeofFaMckoh9JaKD7iJ3ibPatqo1SJFxBvfnzRI7rnmJJffNfA2b%2BJ6Yh93rG2iBqEHkaF3Cwv64fjD9ioc3JXB0cPk59wpNUzpCO0x9emquUOlzVT%2BDehJJqWv3jI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69601c3808a606a2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 112ms
57ms Fetch
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/desktop.10270d02561f04e6bd40.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 14212071039499804498
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H3 200 220_140_1596096525-7077.jpg
images.unian.net/photos/2020_07/thumb_files/ 9 KB
9 KB 30ms
30ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2020_07/thumb_files/220_140_1596096525-7077.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95b16a12576fb937ece3827cb01565d5552f7022ed3c28ae302fb4391fcfe840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122513
cf-polished: qual=85, origFmt=jpeg, origSize=9161
content-disposition: inline; filename="220_140_1596096525-7077.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8830
last-modified: Thu, 30 Jul 2020 08:08:50 GMT
server: cloudflare
etag: "2307e9a4a703f62e2ea5b3c215686bf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRl3RHdfY5pzGshazfV1RPEQ6eXVAZB1B2y52IkRilJdcLIIaa9dlKoCe91EwDG6wEgfyG0UxhZpZJ8yKte28M5uviX1msSarpVJghMjc%2BWlcW6H8irVBEx0k6zseTI%2BHy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 26 Sep 2031 21:36:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38d9e306a2-LHR
x-1p1-cdn: HIT; Mon, 27 Sep 2021 11:27:17 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 220_140_1613821067-2797.jpg
images.unian.net/photos/2021_02/thumb_files/ 7 KB
8 KB 29ms
29ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2021_02/thumb_files/220_140_1613821067-2797.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9286413b05e297304957f2eb54163d81f090a7e251b269e52921c59c5e97cd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89207
cf-polished: qual=85, origFmt=jpeg, origSize=7816
content-disposition: inline; filename="220_140_1613821067-2797.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7224
last-modified: Sat, 20 Feb 2021 11:37:50 GMT
server: cloudflare
etag: "cc4b82dc6c85029936285529695aad57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kkkb5vHHgmxaf2a3UgSYWLJ%2FODyeGZ7%2FRH%2BMvgfWAJf9TPYkld7zzEbF7hbO%2FTgeNOZRtfiPduZr9jkobPj6yspkQFLBUajgQKbSbBo9Ogt2cXCet1iWdfPyVgfFwjP%2Fxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 26 Sep 2031 21:36:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38d9e606a2-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 20:50:10 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 220_140_1632216025-3085.jpg
images.unian.net/photos/2021_09/thumb_files/ 8 KB
8 KB 29ms
28ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/photos/2021_09/thumb_files/220_140_1632216025-3085.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6cc23038ce27d217c42d7abe48fc3309390bb7b4d2d42163df8f4f6d5e3196

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89207
cf-polished: qual=85, origFmt=jpeg, origSize=8424
content-disposition: inline; filename="220_140_1632216025-3085.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7738
last-modified: Tue, 21 Sep 2021 09:20:29 GMT
server: cloudflare
etag: "4e34c4f35567f7dd0659d0db07824922"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FmrfxALPNkqKGX5wHivAiqEl31%2FWmhVyqqifKxPcJnmaI3COBQU%2F4DV9NpvuE1NzXeIaB77LQKwRjgeL0kgrm%2BXXDBmMCUJvAKtGAbq4UbPpMIgjprtrOoFVZmJcKu%2Bu2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 26 Sep 2031 21:36:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69601c38d9e706a2-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 20:50:10 GMT
cf-bgj: imgq:85,h2pri

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 40 KB
11 KB 94ms
24ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: window.unian.net
URL: https://window.unian.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:02:32 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Wed, 29 Sep 2021 09:36:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
14ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3000
date: Tue, 28 Sep 2021 20:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 28 Sep 2021 22:46:57 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

5d72944f1cbbf3c488c93d8e4f22f5acf76a3b7e136fdde155f10df94f2e9317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Arwk3xtf+LAdkx8hjxavDg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: bsxfOEML7ikAcxkrMc5ZJpS02f5OsXChnX+yo1UlLQCqrCwFWjMqYsigxo+I70msRLCmpXFvBgeGabCqXH6+RA==
x-fb-trip-id: 686109401
x-fb-content-md5: ab3335c2205e64662419564c88c4f090
x-frame-options: DENY
date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "36da3a26f841e484cb820bfb46cfc7d3"
timing-allow-origin: *
expires: Tue, 28 Sep 2021 21:49:42 GMT

GET
H2 200 hb_298309_4142.js Show response
player.adtcdn.com/prebidlink/453573/ 338 KB
104 KB 87ms
31ms Script
application/javascript 172.67.198.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Requested by: Host: window.unian.net
URL: https://window.unian.net/build/desktop.10270d02561f04e6bd40.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77759ddcf13b56f83fd5ef8641c832bc5878d9ceb265e3805fed4e34ff2fc013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Sep 2021 13:18:40 GMT
server: cloudflare
etag: W/"614495b0-546c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BediUmBn13CU3V%2BgdJMcoD%2BwUES5DHwI0HlEOwLAPaU1sbiGuQZzfSiJgAFruxS81rigORa8LIOvg1pzoey%2B7whw1obTaD1dWzXRtKXjTp%2FZt3y1Mh9RKHX81mXq3a6DHeroYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 69601c394f1b4019-CDG
expires: Tue, 28 Sep 2021 21:46:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 72ms
41ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c8a3c3cfecd4019e5a076400bfcdc706b8b76052fb9b0b62af719a96aa8dd716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61142
x-xss-protection: 0
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
60 KB 81ms
50ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ab775afb02f6f0e215ea17a861357d0842e786780f7363eb25800ad9aeaed666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60903
x-xss-protection: 0
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
59 KB 60ms
30ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

507ac872a403b75b4a05d114e658d3e14081b4800bee2f142b2ad9c999150a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60865
x-xss-protection: 0
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.1/dist/ 4 KB
2 KB 39ms
15ms Script
application/javascript 104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13737553
fly-request-id: 01F3XR8SV56M0WSBAE89AGWT7F
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 69601c394e6921ab-DUS

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 16ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: IsSkU8NsODGVsqG9XrO2cV8xEgyvfHosTNec7pp7R1DncZPzkGjR9CN1h0zjTbx3iErErMRSWm6+xkTP4C2G+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Sep 2021 21:36:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 269 KB
76 KB 16ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=382e559dc4dba126b3b1e14b3df72324

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

a8d168c18d91a93b35767fd0b11836d7ecf4a3f50b3350dee302758f1d49bb20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://window.unian.net/
Origin: https://window.unian.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UPIJBI9PRXt9B5IM5FWV4g==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77772
x-fb-rlafr: 0
x-fb-debug: 5BpWtIAFZWLhA1/bndWrYqXj950kY66uCTATRyZqqA59B1/ThP38wOt9TQ2TlvlkaH4bXUfAGHr7T2uh8ayZag==
x-fb-content-md5: 06d6e69e2e8692d2d30a3682382c6720
x-frame-options: DENY
date: Tue, 28 Sep 2021 21:36:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5bc4c195cc68a7465407582f71486bab"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Sep 2022 21:29:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 43ms
21ms XHR
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1305928489&t=pageview&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1079476060&gjid=1688815826&cid=1965891731.1632865018&tid=UA-32196466-1&_gid=771700151.1632865018&_r=1&_slc=1&z=1567938544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 37ms
20ms XHR
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1305928489&t=pageview&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=643531448&gjid=1404186510&cid=1965891731.1632865018&tid=UA-32196466-4&_gid=771700151.1632865018&_r=1&_slc=1&z=329758480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1162341047607585 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 8ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1162341047607585?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

18a5de0a622d07036d0a3cfb5b70031253e03045612bb52c9c1dc91cbfb017c2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146736
x-xss-protection: 0
pragma: public
x-fb-debug: DQNJjaINKYieoIltK32ze5RI4aHmoGyGIaZ8OsiP5QvuDlaYuEQiDMKK5R5gwpyXF8HY039VM5z4NDpzITkRwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Sep 2021 21:36:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 last_top_theme Show response
photo.unian.net/api/ 5 KB
2 KB 352ms
275ms XHR
application/json 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://photo.unian.net/api/last_top_theme

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/vendor.e1eebaac35424523b02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d8128b18cc58599eac429a2387c00e93675267953d0e6bd1fb8ddd6ac8fd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: BYPASS; Tue, 28 Sep 2021 21:36:58 GMT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3avzZ54VpOTrr1l964rorGqS%2Bt4Y97SvFLgZfIFeQGoQ9VCjOGkiSxkKylKZqedX9tGMAPK484LcxCZX8r6AaHw7grReFwDpou0zwDbJToLyjJ1Wq%2B1Y3n1%2BqLteR4cUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
strict-transport-security: max-age=15552000
cf-ray: 69601c3a087865aa-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 22ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=376641199425430&ev=fb_page_view&dl=https%3A%2F%2Fwindow.unian.net%2F&rl=&if=false&ts=1632865017842&sw=1600&sh=1200&at=

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 24ms
24ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=window.unian.net
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 66a5ec3ae5e29d9220be3dcb99754d2888a59ac0e84350038c5037ace5105bf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Thu, 28 Oct 2021 21:36:57 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 26CD 5 KB
3 KB 96ms
25ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 9d1f82d276440e087528c782b734d4db3f9ff707d2217f2d7e4eda6f68d0cf43

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
expires: Thu, 28 Oct 2021 21:36:57 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2718
content-encoding: gzip

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
464 B 64ms
21ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-4&cid=1965891731.1632865018&jid=643531448&gjid=1404186510&_gid=771700151.1632865018&_u=IEDAAEABAAAAAC~&z=824120714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 64ms
21ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=1079476060&gjid=1688815826&_gid=771700151.1632865018&_u=IEDAAEAAAAAAAC~&z=1220094680

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 51ms
21ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=187725792&gjid=1469774912&_gid=771700151.1632865018&_u=aGDAgEABAAAAAG~&z=370599829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Sep 2021 21:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1305928489&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v1-1632865017852-2703876393509&ev=597&_u=aGDAgEABAAAAAC~&jid=187725792&gjid=1469774912&cid=1965891731.1632865018&tid=UA-32196466-1&_gid=771700151.1632865018&gtm=2wg9r056LPBQP&z=979709957

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 11:11:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37508
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 91ms
37ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: window.unian.net
URL: https://window.unian.net/build/desktop.10270d02561f04e6bd40.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

c53420a0e6e79b5bbb303a1b64e8f05ca737a3dab8ce70b49356166d9174c0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1000 / 691 of 1000 / last-modified: 1632854039"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25681
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Sep 2021 21:36:57 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1162341047607585&ev=PageView&dl=https%3A%2F%2Fwindow.unian.net%2F&rl=&if=false&ts=1632865017927&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632865017926.1064881447&it=1632865017819&coo=false&exp=p1&rqm=GET

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 28 Sep 2021 21:36:57 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
369 B 94ms
33ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P6EEJX21DY&gtm=2oe9r0&_p=1305928489&sr=1600x1200&_gaz=1&ul=en-us&cid=1965891731.1632865018&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sid=1632865017&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 42ms
21ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P6EEJX21DY&cid=1965891731.1632865018&gtm=2oe9r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P6EEJX21DY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 89ms
34ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P6EEJX21DY&cid=1965891731.1632865018&gtm=2oe9r0&aip=1&z=319256367

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 82ms
35ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JLSK4Y8K67&gtm=2oe9r0&_p=1305928489&sr=1600x1200&_gaz=1&ul=en-us&cid=1965891731.1632865018&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sid=1632865017&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 31ms
22ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLSK4Y8K67&cid=1965891731.1632865018&gtm=2oe9r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLSK4Y8K67&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 78ms
34ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DENC12J6P3&gtm=2oe9r0&_p=1305928489&sr=1600x1200&_gaz=1&ul=en-us&cid=1965891731.1632865018&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sid=1632865017&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 27ms
22ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DENC12J6P3&cid=1965891731.1632865018&gtm=2oe9r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DENC12J6P3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 72ms
33ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JLSK4Y8K67&cid=1965891731.1632865018&gtm=2oe9r0&aip=1&z=570821136

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 72ms
34ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DENC12J6P3&cid=1965891731.1632865018&gtm=2oe9r0&aip=1&z=1871365455

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 92ms
36ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-4&cid=1965891731.1632865018&jid=643531448&_u=IEDAAEABAAAAAC~&z=857076643

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
34ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-4&cid=1965891731.1632865018&jid=643531448&_u=IEDAAEABAAAAAC~&z=857076643

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 90ms
35ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=1079476060&_u=IEDAAEAAAAAAAC~&z=850503741

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
33ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=1079476060&_u=IEDAAEAAAAAAAC~&z=850503741

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 48ms
35ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=187725792&_u=aGDAgEABAAAAAG~&z=1526471734

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
40ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-32196466-1&cid=1965891731.1632865018&jid=187725792&_u=aGDAgEABAAAAAG~&z=1526471734

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 d240.svg
www.unian.net/pogoda/pogoda/images/icons/ 3 KB
2 KB 255ms
255ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons/d240.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3709999474e5f54ad96be7449a8234f086fd73d9448f5a9c2e682c9aed96ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEicgJk3K1TqekP9YCa7eXyMnz8HnpLh60aV410tSsCbpy9DA9qMFkHZd8W3k2FhjRgOfJUAfmVCypg4ZPG13LOMvNdYElVIwY7RGckYyYmKi%2B4W5%2FtBTEUuUZTv1Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: REVALIDATED; Sat, 25 Sep 2021 21:01:14 GMT
strict-transport-security: max-age=15552000
cf-ray: 69601c3a6c0106a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d100500.jpg
www.unian.net/pogoda/pogoda/images/bg-footer/ 834 B
1 KB 32ms
30ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/bg-footer/d100500.jpg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d55fe57d9961d00ef3b455b71baee9c867b77805b1a0f7ed0e8c627b10bbc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4164
cf-polished: qual=85, origFmt=jpeg, origSize=1419
x-cache: MISS; Mon, 13 Sep 2021 12:39:31 GMT
content-disposition: inline; filename="d100500.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 834
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2F3RBY2V4t54aQrwv%2BC1DXvBZLTCUA46DJEgqsR1wVGKpwnv2OJtpZjLa9eWxUAgnzpD6NFqh38vE%2BuEuR5aWCFwCXcfylCtbf110OsogDhHT3xQRsp8PkVX4tXRyd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 69601c3aac4606a2-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 d100.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 2 KB
2 KB 26ms
24ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d100.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d668e203faca0ed5a5a5d38b77897724459668e56ff0597e206dbf2e1f2b471b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 1989
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT; Mon, 13 Sep 2021 12:35:57 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoI9MMYyX%2FuUy8bIij4xP6FeSR2riWbSnl1DY0dSL8yPxjBIIW1Dn%2FI8fD60%2FSEjanNWDv5Y99eIpwuCjQGsUNSKHTn9NSw0HnZzsQ3x8kyD2CrMSN4MRH3GDVIA6qo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4806a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d440.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 2 KB
1 KB 256ms
254ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d440.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c6304ce8c374e6c6390298872690764d532b19ac24eacc7d29abf0757f811d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS6W9eSE%2B9zc%2BXpwmMsxP%2F3cTS7Xv4WU4%2BepJj%2BAfUwcgYWrZSKiTzQ9P38j94IvG64Rux2fbEbc7dZ0EZR5NWNeRREf9EEt38sJTBCypVT%2FIsdZA0xM4mFiJD3%2Bx5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS; Tue, 28 Sep 2021 09:05:29 GMT
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4a06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d410.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 1 KB
1 KB 27ms
25ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d410.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885ef6bcf5babcd7c5b5108439000af5a9263aea72b4b7f17716392a53dba7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 4164
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT; Mon, 13 Sep 2021 12:35:41 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcu%2FjLGH3kDyiuHCVzgIZ181PXbLxkVUJ8tFmDJab%2BrCYFK4%2FL7sq0UjystJ93a1XGkuL5y1qRxaNfjf%2Fxcfjz706qJfbFJxhmeO7hlaUYJQksM03tSTVvsIC9Fkxiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4b06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d430.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d430.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37694dfa2fb5db775a44fc1532ed407160ab949725540b3d3981cc840d71ac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 2936
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT; Mon, 13 Sep 2021 13:03:40 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvHqXgh50TsqP1IZVfrCpeZqUIAkUK2bzXixQvDBGRiTOekmo4gflI8G6ljkNspwChifPBCKWm8DdYXRf7565fbRQCxDwBWwHl1gkNgN3Tn4F3XbngII8fmE1hO7RL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4c06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d000.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 3 KB
2 KB 29ms
27ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d000.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0d7dd211ff630caca27fe061cd59d857e3fcbb5279258e6b1fbc2853e78935

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 183
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT; Mon, 13 Sep 2021 13:03:07 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PGsc38YnLrt%2Fo2MnH%2BCjsZQqkQsMsx2DnQDryR2G79sdrRTshhfd6UgsAUuitrm9N88X4zQY85ETEUHo0Mwt6daFuuJMgSCVtYs4YCtLqTXErZCjQbf1WzjegyaGEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4d06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d300.svg
www.unian.net/pogoda/pogoda/images/icons-footer/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.unian.net/pogoda/pogoda/images/icons-footer/d300.svg?32134

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01fe5eeb7d10d258f52c97098571a1ebf8de7f14ce6ecd820a1d13c838edde31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2018 17:19:09 GMT
server: cloudflare
age: 3219
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT; Mon, 13 Sep 2021 12:38:09 GMT
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ybYyA4GVzyV3N2kJJwyZbn7JqWNMDKH2Mb8KWn8JgLf3S3oC%2BVeUiveQcBP8qs0bH96%2FSLpftPThMNt0L%2FFwRcLPdATgXF18CYcEYeLSpuAj2E8XgST6jG0ww54Gs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 69601c3aac4e06a2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1632865018022/
Redirect Chain

https://gaua.hit.gemius.pl/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3...
https://gaua.hit.gemius.pl/__/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=http...

185 B
451 B

88ms
87ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwindow.unian.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=177&lsdata=7dJ7ipSg7dOehoJ1JAbBeH4MktLcfg0M4OEBJpZveGf.772xq9RevvreeH8uWsxQwWDnBtXDK4wF9KuQ8LPWUZ83bjT7/2.GBk9qwE4Q1W/&fpdata=7Vnb4nkJelJEF24nZ2LrYtcBygIWUcbNxEhnsoJRwMf.37&vis=1&fpcap=
Requested by: Host: window.unian.net
URL: https://window.unian.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b2a9457ae320b5181678d4c6e7a161767a46f18a69f17514b1d81f04518bddc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 185
expires: Mon, 27 Sep 2021 21:36:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1632865018022/rexdot.js?l=100&id=.Aiaz7Qro8pcG8YzBHUnxsPJLeUW2w9GJaOI3XfehBT.X7&et=view&hsrc=1&initsonar=1&extra=rubrick%3Dpolitics&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwindow.unian.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=177&lsdata=7dJ7ipSg7dOehoJ1JAbBeH4MktLcfg0M4OEBJpZveGf.772xq9RevvreeH8uWsxQwWDnBtXDK4wF9KuQ8LPWUZ83bjT7/2.GBk9qwE4Q1W/&fpdata=7Vnb4nkJelJEF24nZ2LrYtcBygIWUcbNxEhnsoJRwMf.37&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 27 Sep 2021 21:36:58 GMT

GET
H3 200 pubads_impl_2021092706.js Show response
securepubads.g.doubleclick.net/gpt/ 336 KB
118 KB 65ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

b104c2739905b36f01c9edfc126f75200dc92eaa8b4e482da4b95edea9ee94d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120406
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 20:07:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Sep 2021 21:36:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 177 B
142 B 62ms
32ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=window.unian.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

203e76f138f1e1fd26b8d78a7f52410dcb0e021d6b6690d9e7a713ade7bf22be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Tue, 28 Sep 2021 21:36:58 GMT

GET
H3 200 wrapper_hb_298309_4142.js Show response
player.adtcdn.com/prebidlink/453573/ 226 KB
33 KB 47ms
27ms Script
application/javascript 172.67.198.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Requested by: Host: window.unian.net
URL: https://window.unian.net/build/desktop.10270d02561f04e6bd40.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.198.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae181e91fc64ccbe42641c7227051e67306c41084a74e89b56a68ca6942dae02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Sep 2021 13:17:22 GMT
server: cloudflare
etag: W/"61449562-3889c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kQHjLGd%2F6x%2BbTPlEPwcxq9Tkpna9rCEYM6TcBtADiyfIPA%2BFZ4MnALeaM%2FGlsGLSfhyuK203nKmk%2BfLbSMIcXGSHuNyc77JCIg%2FOHhq%2BQZXlVRfwg6PVu8VjbKf7moILUSgJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 69601c3aee323b07-CDG
expires: Tue, 28 Sep 2021 21:46:13 GMT

GET
H2 200 5au.js Show response
sync.medidexs.com/ps/10/ 58 KB
21 KB 68ms
7ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.medidexs.com/ps/10/5au.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: da9e4892a0d703fdf817f4b454e5c51c6edf3a835ea3e1742cac5bd5acf94be9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: gzip
last-modified: Fri, 24 Sep 2021 11:04:43 GMT
server: nginx/1.18.0
etag: W/"614db0cb-e683"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 28 Sep 2021 22:36:58 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 133 B
385 B 307ms
17ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 12a2627a3042816fcffc55baf90519c71edb196ef3abd245f1a139d5390df3e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://window.unian.net
Date: Tue, 28 Sep 2021 21:36:58 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 133
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
418 B 307ms
17ms XHR
image/gif 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4142&full_page_url=https%3A%2F%2Fwindow.unian.net%2F&adid=4lo7ia.li&vpbv=0835&lifecycle_tte=1063
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://window.unian.net
Date: Tue, 28 Sep 2021 21:36:58 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 51ms
7ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2Fwindow.unian.net%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5997990a063195399256b06275252c6501de856686a8ca80a519e69a8efcc58e

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 12:01:07 GMT
server: nginx/1.18.0
etag: W/"61530403-118e"
content-type: application/json
access-control-allow-origin: https://window.unian.net
expires: Tue, 28 Sep 2021 22:36:58 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 15 KB
6 KB 54ms
25ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

986dd30240c5c391020459db60212c4d9df2d2eec66a1c065f76f89e85b17c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 20:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6277
x-xss-protection: 0
server: cafe
etag: 15175151693415529340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 21:43:19 GMT

GET
H3 200 1089226.jpg
images.unian.net/pb/010/thumb_files/h_190/ 10 KB
11 KB 34ms
33ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1089226.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48b7edca3e2b7ca4f33103316f6efe280a27d2d16fa77d5fddff3772f0b103e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10335
cf-polished: qual=85, origFmt=jpeg, origSize=11139
content-disposition: inline; filename="1089226.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10540
last-modified: Tue, 28 Sep 2021 18:43:00 GMT
server: cloudflare
etag: "1d0782029a2f7f51557bb76ac2282ae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1ZaU1Ak7yZvGlzvGahWtGzuiyimz3D8uLdtfEhKx7yYUkBMkkl9Bz%2FpZmLIMhNQGzIiCVzjDqrXzBvksVusEoAdOKSXMbMlft%2BCM5yMLHi9OwEi%2F7vNClb1SC36fOWIlN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0806a2-LHR
x-1p1-cdn: HIT; Tue, 28 Sep 2021 18:44:11 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1089193.jpg
images.unian.net/pb/010/thumb_files/h_190/ 4 KB
5 KB 26ms
24ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1089193.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1011b671920e5f7c4f38a5ff7880da0b4210a4b5f12fef5e12fd22fd68000f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28617
cf-polished: qual=85, origFmt=jpeg, origSize=6110
content-disposition: inline; filename="1089193.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4054
last-modified: Tue, 28 Sep 2021 13:28:51 GMT
server: cloudflare
etag: "9c386ffe7ada6e62fc63c3715ee40c28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9a8Cxs%2FM4FjzaAZfeqUpMnRokTDy7mI32g2snmv1wkpR3YF3DIQIy2Z0J7Lm21uJkxxJEm8cLqmEDIPuRdxdmtOguZwrt7OggJnfRbdDg7BBUtciIMkZrsAv5Rf9z7fxi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0a06a2-LHR
x-1p1-cdn: HIT; Tue, 28 Sep 2021 13:39:56 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1089076.JPEG
images.unian.net/pb/010/thumb_files/h_190/ 10 KB
11 KB 28ms
26ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1089076.JPEG

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae2eae09506ae6eac36ffe4b20761ef4c5537dd6d593cdd24053d849c80bff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29411
cf-polished: qual=85, origFmt=jpeg, origSize=11005
content-disposition: inline; filename="1089076.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10250
last-modified: Tue, 28 Sep 2021 13:13:58 GMT
server: cloudflare
etag: "fe001bca3eb8e64a7462b1040ad437f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNYHG1ZEY3tAc6Hk%2FKKv2fkJrFF8EMtJKgtvJ5c4umB3iCmoo%2Fn9EtmfAwG8gdyz%2FN8gmcb62X2RBJNCfj1QCBWEg2DWCMREtPE0nMKH3x2VIVb9jKkjkhjWG2v%2BpNiiJTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0b06a2-LHR
x-1p1-cdn: HIT; Tue, 28 Sep 2021 13:15:10 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1089055.JPG
images.unian.net/pb/010/thumb_files/h_190/ 17 KB
18 KB 28ms
26ms Image
image/jpeg 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1089055.JPG

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b087ab6659012ec95e9fc07fa7b17a3eb1da944227341371d8953d15332d53fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30155
cf-polished: degrade=85, origSize=17602, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17471
last-modified: Tue, 28 Sep 2021 12:12:51 GMT
server: cloudflare
etag: "71143674a1c63b5eb95acc284a06535f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uiijis88hyhxlv2kr2MA8d8qDT03Fg1FIIWW5yiGkqObf5z3qEu2dyA%2BCz7pAo3v2hGKIJr46TDXQioDJqqLA0UhzMy5yC6fnNYXMKG6b%2F%2FLUGVnsCM0yygSMVXLHKfMZXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0c06a2-LHR
x-1p1-cdn: MISS; Tue, 28 Sep 2021 13:14:23 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1088869.JPG
images.unian.net/pb/010/thumb_files/h_190/ 11 KB
11 KB 33ms
31ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1088869.JPG

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6407aee1b9c8870b174dfd696e8a4d8537318bff276f21a5351ca341c403e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39265
cf-polished: qual=85, origFmt=jpeg, origSize=11510
content-disposition: inline; filename="1088869.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10942
last-modified: Tue, 28 Sep 2021 10:18:57 GMT
server: cloudflare
etag: "f43f648fd3a6df2b6b476204c8f644d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsTFX7aTDbkr4Q9imJJ9ov6qkngZdygrw9CwOC5vnbYBcyR0UQ5S5f1nMaNSHahg9SVS5tjyeMQylS2RRwKh4vy2r6KI%2FgYJWWS0%2FzXsfA%2BdP18Z1qtZaVA3tt%2FS6S2i1eE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0e06a2-LHR
x-1p1-cdn: HIT; Tue, 28 Sep 2021 10:42:27 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1088836.jpg
images.unian.net/pb/010/thumb_files/h_190/ 17 KB
18 KB 30ms
29ms Image
image/jpeg 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1088836.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b40e87f63cf3cb4f2e27f266d73beffaed30c3e843f54a7124c3ab1f19157a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49666
cf-polished: origSize=17998, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17899
last-modified: Tue, 28 Sep 2021 07:33:00 GMT
server: cloudflare
etag: "dfdf0b5b894bd79a4f09eb640e609868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2gzBnRb8PxIIt1W%2BpFTf2vx6HMjNK%2FULMcIBcDMP2VQvHuSs25hxkRBkgR2HqXN0XNvcLEepl3nXAEyi4bc9EnQ2dmHLm4v2ZhCJg8WFB8iYrQHX%2B%2FIslDV1PZjBriL7kM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce0f06a2-LHR
x-1p1-cdn: HIT; Tue, 28 Sep 2021 07:49:06 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 392847.jpg
images.unian.net/pb/003/thumb_files/h_190/ 5 KB
6 KB 30ms
29ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/003/thumb_files/h_190/392847.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5057ce3ab5d708ff3c5201208ff4fbb7df6dbd2a5be670d6776472d47811b378

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118982
cf-polished: qual=85, origFmt=jpeg, origSize=7540
content-disposition: inline; filename="392847.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5546
last-modified: Sat, 18 Jan 2020 07:41:16 GMT
server: cloudflare
etag: "393f021a3cfca62c9ad377e42e85309b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYU%2FPaLHyX19JgZWRZL6%2F8G4N9HPDAS%2BFcdjAsJpGnbO8N2sIJXZt3vfchKlaV%2FQovYtMVH9QUov66Ju7ejzO2Np5w0RZL1%2BtjyFKLdAKejr9Vno4cBkMN%2FJrZMbEbX5fQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce1006a2-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 12:33:56 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1087570.JPG
images.unian.net/pb/010/thumb_files/h_190/ 14 KB
15 KB 30ms
29ms Image
image/jpeg 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1087570.JPG

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4b23fb16a682ee0bf5b4e3624e7b34e84237e4ce9adcfe5e411b07b6fbdfca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122072
cf-polished: degrade=85, origSize=14315, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14189
last-modified: Wed, 22 Sep 2021 10:41:17 GMT
server: cloudflare
etag: "5372acfa68162a19234cb88c9469ed6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=douOeqPd7EhmxDOvlWcmAwz7ifPonbA09Onh%2BxfzNwvP2ej8Bwfz%2BUh7Vo6ZkGnyLx6hHRT7MTHO%2BT0l0Slt6UwwmU8Q%2B92iWlIlDwQjSWeIJoNe8HLIxzzPMmuyPKH4fpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce1306a2-LHR
x-1p1-cdn: HIT; Mon, 27 Sep 2021 11:42:25 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1088788.JPG
images.unian.net/pb/010/thumb_files/h_190/ 12 KB
13 KB 33ms
32ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1088788.JPG

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0dfc3054819c77a1eac85e57e589e6636bda59cfda1fd93b3f99d965ff494a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124061
cf-polished: qual=85, origFmt=jpeg, origSize=12860
content-disposition: inline; filename="1088788.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12618
last-modified: Mon, 27 Sep 2021 10:53:26 GMT
server: cloudflare
etag: "72db6c1b1f0a57dba66721a7556c5463"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcO7uOAJqSHFfED94mIyE%2FQCETdaTZbvruqMDl7PyIfPc4OM9dYmNonwiOTr68anPy%2F5GXuatBWKr0emWGkEJ2y7rkPdrv77yclvapWCEGrHhAfMLuflz%2FtXBUAltkGaZ60%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce1406a2-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 11:09:17 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 1088752.jpg
images.unian.net/pb/010/thumb_files/h_190/ 11 KB
12 KB 29ms
28ms Image
image/webp 104.26.10.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unian.net/pb/010/thumb_files/h_190/1088752.jpg

Requested by

Host: window.unian.net
URL: https://window.unian.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb57d753ed168fdc7cfea15d0fe9dc5707fd0228e25dfa4e837c6b9d9bfb8006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128474
cf-polished: qual=85, origFmt=jpeg, origSize=12043
content-disposition: inline; filename="1088752.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11330
last-modified: Mon, 27 Sep 2021 09:28:11 GMT
server: cloudflare
etag: "1245a216f5d632b54da7ec53a4aa0139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYjo4Wsb%2FBfyqhftgs62tIm7I%2BUDdUeM4MlA2Uh6xWAohF37D2b8K%2FQ2RNx%2FCgOipd%2F6H388WTMLEdmG4aR33ef2lWO2c0Zl1MTjyQ%2Bz6z6mpbafE66jgOQsBW%2F333Nn1C4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 28 Sep 2022 21:36:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69601c3bce1506a2-LHR
x-1p1-cdn: MISS; Mon, 27 Sep 2021 09:55:44 GMT
cf-bgj: imgq:85,h2pri

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1305928489&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwindow.unian.net%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BA%D0%BD%D0%BE%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BD%D0%B5%D0%B7%D0%B0%D0%B2%D0%B8%D1%81%D0%B8%D0%BC%D0%BE%D0%B5%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%9D%D0%98%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v1-1632865017853-9784440988770&ev=439&_u=aGDAgEABAAAAAG~&jid=&gjid=&cid=1965891731.1632865018&tid=UA-32196466-1&_gid=771700151.1632865018&gtm=2wg9r056LPBQP&z=1834976092

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 11:11:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37509
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindow.unian.net%2F&domain=window.unian.net&cw=1&lsw=1

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://window.unian.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://window.unian.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1112
date: Tue, 28 Sep 2021 21:36:57 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 345 B
623 B 39ms
14ms XHR
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindow.unian.net%2F&domain=window.unian.net&cw=1&lsw=1

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c1fb7696ca63d3de87838ab2e046dd405905268ccb7f14ac50d6cd82f5a6fe71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 28 Sep 2021 21:36:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2644
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 129ms
18ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832312&size_id=31&rp_schain=1.0,1!adtelligent.com,298309,1,,,&eid_pubcid.org=db43585f-b454-4d67-8ffa-0fa380a27447%5E1&rf=https%3A%2F%2Fwindow.unian.net%2F&tk_flint=pbjs_lite_v4.41.0-pre&x_source.tid=b8e14577-2d4f-4924-9db7-6c2f16f285d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6141892338396922
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9ca48014f4f96b4e89b434ffac9a53074c0c79473279cf5abf74b8a1d4bb976d

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Sep 2021 21:36:58 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://window.unian.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 173 B
561 B 78ms
34ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwindow.unian.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c30c06eb-da08-454f-8dc7-4d95b7cee6ee%2Cb8e14577-2d4f-4924-9db7-6c2f16f285d8&nocache=1632865018457&pubcid=db43585f-b454-4d67-8ffa-0fa380a27447&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=1440x180%7C980x120%2C1340x120%2C1180x120&divids=api-gpt-catfish-wrapper%2Cbanner-ad-1&aucs=%2C&auid=541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: b9d56878426a84dd4b56e7f8ee1262dc0b4b20c24a5fd0777049e5691caecabf

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
content-encoding: gzip
server: OXGW/16.216.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://window.unian.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 58ms
14ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Sep 2021 21:36:58 GMT
X-Proxy-Origin: 216.131.111.9; 216.131.111.9; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b8b46b20-2a8d-4099-b8c2-50a6333245ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://window.unian.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
171 B 286ms
91ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 28 Sep 2021 21:36:58 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://window.unian.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 63ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://window.unian.net
date: Tue, 28 Sep 2021 21:36:58 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2e43c/1/window.unian.net/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2e43c/1/window.unian.net/ROS?rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian.net%2F&pb...
https://ads.us.e-planning.net/hb/1/2e43c/1/window.unian.net/ROS?ct=1&r=pbjs&rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian...

82 B
404 B

14ms
13ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2e43c/1/window.unian.net/ROS?ct=1&r=pbjs&rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian.net%2F&pbv=4.41.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwindow.unian.net%2F&e_pubcid=db43585f-b454-4d67-8ffa-0fa380a27447
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ca4aac9215e07e453bfe81d484ad1f84d04a68c8c9fdbcf272d04de943e02d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://window.unian.net
expires: Tue, 28 Sep 2021 21:36:58 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 82
x-sid: AMS-742

Redirect headers

date: Tue, 28 Sep 2021 21:36:58 GMT
server: openresty
access-control-allow-origin: https://window.unian.net
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/window.unian.net/ROS?ct=1&r=pbjs&rnd=0.36956158859119514&e=1440x180_0%3A1440x180%2B980x120_0%3A980x120%2C1340x120%2C1180x120&ur=https%3A%2F%2Fwindow.unian.net%2F&pbv=4.41.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwindow.unian.net%2F&e_pubcid=db43585f-b454-4d67-8ffa-0fa380a27447
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-742

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
912 B 331ms
103ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://window.unian.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 241 B
438 B 18ms
17ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: c1fd5ff3ed478b0103c1db73795ea0c2a3071e782449da1e49d9014b1a5b5439

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Sep 2021 21:36:58 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://window.unian.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 147

GET prebid.1.1.aspx
inv-nets.admixer.net/ 0
0

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 361 B
464 B 101ms
18ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4eafbb50652f0a540f15d8b81df3e4925c7e9492c619e09a184d817741b96e45

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Sep 2021 21:36:58 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://window.unian.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 173

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 809 B
654 B 17ms
17ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437389&aid2=437390&aid3=443025&aid4=607661&aid5=638043&aid6=undefined
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: b3de44919aa22f362671cc91bf33b4cc4c4de3dcaafe1a01d0d1712f9156efdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 21:36:58 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://window.unian.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 363

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D2B4 0
15 B 7ms
7ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3925
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://window.unian.net
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
cookie: fr=0GAqqGqjqn2uSydgg..BhU4r5...1.0.BhU4r5.
Upgrade-Insecure-Requests: 1
Origin: https://window.unian.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

content-type: text/plain
access-control-allow-origin: https://window.unian.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Tue, 28 Sep 2021 21:36:58 GMT

GET
H/1.1

200
OK

Cookie set csync Show response
sync.adtelligent.com/ Frame 5C3E
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ae7c8e5f-1f46-46f4-b688-500534fde53b

86 B
547 B

469ms
382ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ae7c8e5f-1f46-46f4-b688-500534fde53b
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://window.unian.net/
Accept-Encoding: gzip, deflate, br
Cookie: vmuid=cabd748f04f8d49b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

Server: VertaMedia 1.0
Date: Tue, 28 Sep 2021 21:36:58 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=cabd748f04f8d49b; expires=Mon, 29 Nov 2021 21:36:58 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=ae7c8e5f-1f46-46f4-b688-500534fde53b; expires=Mon, 29 Nov 2021 21:36:58 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie: viewer_token=ae7c8e5f-1f46-46f4-b688-500534fde53b; path=/; domain=csync.loopme.me; Expires=Thu, 28-Oct-2021 21:36:58 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ae7c8e5f-1f46-46f4-b688-500534fde53b
content-length: 0
date: Tue, 28 Sep 2021 21:36:58 GMT
server: _

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cabd748f04f8d49b

35 B
232 B

66ms
13ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cabd748f04f8d49b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:58 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cabd748f04f8d49b
Date: Tue, 28 Sep 2021 21:36:58 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 151ms
41ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:36:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 121
x-xss-protection: 1; mode=block
expires: -1

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
207 B 17ms
17ms XHR
text/plain 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://window.unian.net
Date: Tue, 28 Sep 2021 21:36:59 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 92ms
36ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=window.unian.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 21:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 81ms
32ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=window.unian.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 21:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 199 KB
27 KB 514ms
513ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3207754559057376&correlator=2757477850031112&output=ldjh&impl=fifs&eid=31062969%2C44749397%2C31062311&vrg=2021092706&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=82479101%2CDisplay_Unian.ua%2Ccatfish%2Ctop_1180x120&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1440x180%2C980x120%7C1340x120%7C1180x120&prev_scp=PageType_Unian%3Dwindow%26PageRubric_Unian%3Dwindow%26PageSubRubric_Unian%3D%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CPageType_Unian%3Dwindow%26PageRubric_Unian%3Dwindow%26PageSubRubric_Unian%3D%26PageRegion_Unian%3Dempty%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1632865020&dt=1632865020472&dlt=1632865017498&idt=660&frm=20&biw=1600&bih=1200&oid=3&adxs=80%2C390&adys=1020%2C0&adks=1240459465%2C2077371719&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwindow.unian.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1349x-1&msz=1600x-1%7C1180x-1&ga_vid=1965891731.1632865018&ga_sid=1632865020&ga_hid=1305928489&ga_fc=false&ga_cid=771700151.1632865018&fws=512%2C4&ohw=0%2C1180&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

eb8e0a7bc7a2889be81a157bc135d29b587ce575b40942d96e7562afb60f6c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27485
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://window.unian.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EACB 6 KB
4 KB 100ms
29ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Sep 2021 21:37:00 GMT
expires: Wed, 28 Sep 2022 21:37:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA70 6 KB
3 KB 51ms
22ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Sep 2021 21:37:00 GMT
expires: Wed, 28 Sep 2022 21:37:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 514F 6 KB
3 KB 46ms
24ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Sep 2021 21:37:00 GMT
expires: Wed, 28 Sep 2022 21:37:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 76ms
28ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27596
x-xss-protection: 0
server: sffe
etag: "1632742284803949"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 28 Sep 2021 21:37:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 69ms
38ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092706&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

77bbeccf206937c488f5c455e60fe5540179d27b5f1fa11feffc1bfeddc51fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8568
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 80ms
41ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092706.js?31062969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 28 Sep 2021 21:37:01 GMT

GET
H2 200 v3_298309_4142.json Show response
player.adtelligent.com/prebidlink/2721441/ 193 KB
12 KB 25ms
24ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/2721441/v3_298309_4142.json?cb=window.unian.net
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 11f3bc4484b8bc656a1a550686aa85e927c3c491903664323a7f51da2bc74d89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 08:07:55 GMT
server: nginx/1.18.0
etag: W/"6152cd5b-30230"
content-type: application/json
access-control-allow-origin: https://window.unian.net
expires: Tue, 28 Sep 2021 22:37:01 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ Frame BA70 2 KB
1017 B 87ms
33ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 20:04:22 GMT
server: ESF
date: Tue, 28 Sep 2021 21:37:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 21:37:01 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame BA70 1 KB
958 B 70ms
38ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:25:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA70 0
0 34ms
34ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C35nt_IpTYZTSII6X9u8P-5CysAbJ-PeNZbTb5LnQDKDG0MqpHRABIP3_hSNgleKQgqAHoAHctIHXA8gBCakCODSeKeaYsz7gAgCoAwHIA5sEqgTXAU_QB2iH5fC6OyCQXgRIS2Tan4B9pGvX3br1RtwAR1bdq5PFz_Jl01Ls_AGW5_SXCe_CM7O_JLeW2NTBre2mCH5XzbNQYzJrskL5Xsyk_y8_uShIJnPvt3ESZ7aw9nBqW5KODiJYyaKqucgQzMlF_l0Bgr3fMF4JyweWC4g5uGenKXZKhWXYCI8akErI3fU07Lw-8UlLL70YErkyeKg1-_yDPyoFTExLFjvSYUZYisTAP-AYr1h4svlulDNAmOrew0FnM6_HkN-hx3ToFNaLgLHrD4HIBIrkwAS-94GomQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7o_SPqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEELyUB9IICQiI4YAQEAEYHYAKA8gLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=QPzLfqZa9Lc&template_id=494
Requested by: Host: window.unian.net
URL: https://window.unian.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame BA70 18 KB
8 KB 60ms
29ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:30:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame BA70 3 KB
1 KB 69ms
39ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:35:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA70 122 KB
37 KB 230ms
230ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 28 Sep 2021 21:37:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame BA70 14 KB
6 KB 50ms
19ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:36:11 GMT

GET
H2 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame BA70 27 KB
12 KB 55ms
13ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 03:59:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 514F 1 KB
913 B 65ms
38ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:25:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 514F 0
0 36ms
36ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CavLv_IpTYZXSII6X9u8P-5CysAbJ-PeNZbTb5LnQDKDG0MqpHRABIP3_hSNgleKQgqAHoAHctIHXA8gBCakCODSeKeaYsz7gAgCoAwHIA5sEqgTZAU_Qy-B0z_ArXo5qu6kiDAlbOYqrkF6xLtJGr5mxw4nRXis8SqffBBfuTqFti_w4RO3RDY_vqYxCfzSoscOgSEZ9lP6ns4-1OEREjKParpQQm-czlcXz8cFiZ0DJe_e3T0ra4PYa94R06lDWdllKPZgLjU6UsCsNDnittIrTUU0l-A5sIHSh7laScxcNFbWnSInSVkwB3iaENDVWb_kfHKCms3fWFMrEKDaJY3ymqnF6l2_0K87HhWXL1nNKMTcdkV6JouAESEfkSQo7u9A7G6RYCFyJohGIzqfABL73gaiZA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfuj9I-qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ1LgF0ggJCIjhgBAQARgdgAoDyAsB2BMO0BUBgBcBshceChwIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=yHrr28_FADs&template_id=494
Requested by: Host: window.unian.net
URL: https://window.unian.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 514F 18 KB
8 KB 59ms
33ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:30:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 514F 3 KB
1 KB 47ms
21ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:35:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 514F 122 KB
37 KB 240ms
239ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 28 Sep 2021 21:37:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 514F 14 KB
7 KB 42ms
17ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 21:36:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 514F 0
0 81ms
31ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQkPgphYe4pq-ZlgAhw-fxMJXcG-Lx03sySMboEza7_c2PpEpTQz0Cc9qKOLmAB72HftuXq_VsJPTulE91cijZM1q8LA
Requested by: Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame 514F 27 KB
11 KB 54ms
18ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 03:59:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BA70 24 KB
24 KB 169ms
89ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQlFJ2LzNIupbTX-9Jtnk-fFvq_tiB_zfXVBtXPdpYb8G7JOxh5918qNdEe0FI&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

a4138789ad3c89abf5875c033047698bbfeb5ce67339871dcb635fbf0c81c488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:50:25 GMT
x-content-type-options: nosniff
age: 13596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24910
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 02:29:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:50:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BA70 15 KB
15 KB 131ms
53ms Image
image/jpeg 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT2v7M4Xj5l0Xpb903lv5rOw82dEsqWQsoNuwhUchZx7m_3yo8bofsA03VG08Q&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

6d7f3cfde0d65ddb982842bd8c1583a44e45b6b0f8cf39233620c608198b1193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 11:06:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:55:52 GMT
server: sffe
age: 37861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15394
x-xss-protection: 0
expires: Wed, 28 Sep 2022 11:06:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BA70 12 KB
13 KB 49ms
27ms Image
image/jpeg 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQk4g3rou0-of83pfi6f_Q3nJBARBO0dFx6-7XtzMYqYdmH0rdCBg97Den4RQ&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

2208af910207305fd2f8ef8d8b67c81ab1933b5e9ae30bfa705c6fcf06163f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:51:19 GMT
x-content-type-options: nosniff
age: 13542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12594
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 06:29:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:51:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BA70 58 KB
58 KB 112ms
34ms Image
image/jpeg 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT4sDp0eMGKVJX1Ca8MtzvkYq4gwu9gT41T17-HIAO7zONTui6uza0NIt1J8w&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

d060c1b4eada37ba322f5d59d1f337d95bb83a645f47d8eeb9f5fdbf0b411eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 18:56:04 GMT
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58883
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 04:58:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 18:56:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BA70 8 KB
8 KB 156ms
77ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQv2XwrxA5P3F-2DQRAlFWiWp27jDRaDeguzeb39LXmDRaneFFM8OcCq7xIng&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

48b009ab0d7ebe7278f0249e3b57bef199b7398dfcdfd10eb7cb96d217fe2390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:00:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 15:01:15 GMT
server: sffe
age: 189420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7682
x-xss-protection: 0
expires: Mon, 26 Sep 2022 17:00:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BA70 61 KB
61 KB 58ms
36ms Image
image/jpeg 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJ1IbKNt3Zq7vvV_zhAMyn6CFSTD_QtdGiDcXfh6ouXdGAr6BwXH1Lj3aibg&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

5a8421a46e9465c2e7e3ee9c2824496190a63e9cc85d2d5f01f83b3e45f94b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:06:38 GMT
x-content-type-options: nosniff
age: 9023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61983
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 09:30:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 19:06:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BA70 35 KB
35 KB 130ms
51ms Image
image/png 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnEL51yKxe9NdLlSMV-HlIc8thbnsQMIefLeSjlqx6hzkQCZDY&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

8a7c9bfff36e87bb68180c0885df81fe1ef167d5b6b484c740bac894fa4ac064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:39:07 GMT
x-content-type-options: nosniff
age: 14274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36129
x-xss-protection: 0
last-modified: Wed, 15 Nov 2017 15:07:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:39:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 514F 24 KB
24 KB 170ms
95ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQlFJ2LzNIupbTX-9Jtnk-fFvq_tiB_zfXVBtXPdpYb8G7JOxh5918qNdEe0FI&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

a4138789ad3c89abf5875c033047698bbfeb5ce67339871dcb635fbf0c81c488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:50:25 GMT
x-content-type-options: nosniff
age: 13596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24910
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 02:29:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:50:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 514F 40 KB
41 KB 153ms
78ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT6BubKX2NvTVS0dwH7wxmaZv4tUjwQ9aODuql9J4DHdm-m5jQTK2xCo2DBPQ&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

4aa024d55d5f80c9d59668bcac34ecab87efd7fde5b104136e9d2534632bc44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 09:39:53 GMT
x-content-type-options: nosniff
age: 388628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41346
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 10:59:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 24 Sep 2022 09:39:53 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 514F 15 KB
15 KB 138ms
65ms Image
image/jpeg 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT2v7M4Xj5l0Xpb903lv5rOw82dEsqWQsoNuwhUchZx7m_3yo8bofsA03VG08Q&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

6d7f3cfde0d65ddb982842bd8c1583a44e45b6b0f8cf39233620c608198b1193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 11:06:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 01:55:52 GMT
server: sffe
age: 37861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15394
x-xss-protection: 0
expires: Wed, 28 Sep 2022 11:06:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 514F 61 KB
61 KB 79ms
62ms Image
image/jpeg 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJ1IbKNt3Zq7vvV_zhAMyn6CFSTD_QtdGiDcXfh6ouXdGAr6BwXH1Lj3aibg&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

5a8421a46e9465c2e7e3ee9c2824496190a63e9cc85d2d5f01f83b3e45f94b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:06:38 GMT
x-content-type-options: nosniff
age: 9023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61983
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 09:30:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 19:06:38 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 514F 20 KB
21 KB 115ms
28ms Image
image/jpeg 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSr5VYgSSEutnakrb9MeK8zkAx_vFxz-U5HFsRX0P0QzPV1MQxrIMKbLRTyqYU&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

f3c936f26f428c081d346ada8c9317028966a9dfe227fdaa3b7fc006fe2a0404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:55:12 GMT
x-content-type-options: nosniff
age: 13309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20404
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:08:19 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:55:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 514F 10 KB
10 KB 151ms
78ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQr28BuujvYIKJJ87Kl-ORCJomTfshWKSWhpTiHGCIqAJXxfLoy8tDApiuFbQ&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

9940c6e931c4a8c18327131adea02d7cab0533e286258b96801738c4d0d1683c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 13:56:25 GMT
x-content-type-options: nosniff
age: 286836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10303
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 11:49:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Sep 2022 13:56:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 514F 14 KB
15 KB 91ms
20ms Image
image/jpeg 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRUJdqM9-6oZBxU8-T1cAq7FtEoVd6ZTsTAnMKbY3E8K9HqgaYD8IHcNmPhFw&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

bfb9ab8a11d4fb76c70b0c70223983f70ccfadb57b0000603b8d57827caacf30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:14:17 GMT
x-content-type-options: nosniff
age: 8564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 14:16:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 19:14:17 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 514F 35 KB
36 KB 93ms
20ms Image
image/png 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnEL51yKxe9NdLlSMV-HlIc8thbnsQMIefLeSjlqx6hzkQCZDY&usqp=CAI

Requested by

Host: 166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
URL: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

8a7c9bfff36e87bb68180c0885df81fe1ef167d5b6b484c740bac894fa4ac064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:39:07 GMT
x-content-type-options: nosniff
age: 14274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36129
x-xss-protection: 0
last-modified: Wed, 15 Nov 2017 15:07:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 17:39:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5A75 12 KB
5 KB 47ms
22ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 28 Sep 2021 21:13:06 GMT
expires: Wed, 28 Sep 2022 21:13:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E534 783 B
535 B 36ms
34ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

f4681f722ad34b257874d22aa43d5a43b0b91ecaa00b826ac665405cf836ba38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8AJo5Ykgh58FobRy4P4wAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://window.unian.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Sep 2021 21:37:01 GMT
date: Tue, 28 Sep 2021 21:37:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8AJo5Ykgh58FobRy4P4wAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E534 0
0 39ms
38ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092706&jk=3207754559057376&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A75 35 KB
13 KB 27ms
27ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:18:46 GMT

GET
DATA 200
OK truncated
/ Frame BA70 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbb105eb19af18cdf058c1e25b321e78a3e177033c3ae81792a8eb56d6fa458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 514F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d6123fff076da778f04fa30e532b8318b854238ac57bdf69f80446f56f514ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame BA70 20 KB
21 KB 78ms
21ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 14:27:55 GMT
x-content-type-options: nosniff
age: 198546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 14:27:55 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
207 B 20ms
20ms XHR
text/plain 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/453573/wrapper_hb_298309_4142.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://window.unian.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://window.unian.net
Date: Tue, 28 Sep 2021 21:37:01 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092706&jk=3207754559057376&bg=!paalpuLNAAZNQyuQTUM7ACkAdvg8WoSTm5QQCdCAk2Fknt9Kwj3LfhVN08Qb0GyC1bta69dw4uSeogIAAADPUgAAAA1oAQeZAqkUaSe3zq0CjFpTuWW4UyfzMkifaZEn2rjlZSIw2WFzMvE0mVZUv7bTwUelPktXohYGk99DaUjWHWzO5mor5-ZUPz_CzHujDAhhuWW1TkDpQdwZ3avw2DOnZjole9IQkAqSLhA2bU52NxUjmih7ao9-aNiU-DKxzACLloOmUgeiSscPBYx-ItL0ur9s8aBBnQnyR1mv3u6ciAIa_-NQ58S7lCSbPD9vsP7JOuOWWuKDiFUtqQbgonJtdIFKyl9lbkk87rYPOYXKb3hhcwsqlhwk0WH3_1VViLYolB3FPvP6wd8_dIMya6Z94orTPWhENDTXqD1cOfG0Diep8Y4PkGWfIP4y3pRGjCTB5A0GWBBYJsc80M4A-wR1Gbx_5EzSpLFBnCQuP_JHGdfNQP--rvfp_cYmG_q3jh9Likaao5IQR1f73p7L-aJHAqDgBO9d9fN02hN9kizOiswmprEHxvzRmGl6ADxI-7x2A7R4a5ZbeolRi6vfosjjOTIALhutBbkRWbPg-na8oWm9UR3FHDmiySZy7sICoV5KHg8vQDz1wYF_GTK5u-SvoRqv6c13UJExVbyRiveTsk0NxT5-IrWpeHYplADbYHGHNVUAOjyXZduD_kz17aLYxQ-Mm4Biqjn8gZD68EZUeeFlmNauXuAG-pmtvH8_IP2pDMxP_Zt9FsNIQdkYa4bC73UHseQTlmV9WESBWZwVKULIEYw-4eVo2OwAvvUhya249C0R7L6-IKzEnOof70zJl7VK5ev70qLhFQRNbu5zQ3ockgwtKE8M6DGKG6KRep5DNv6JRHwMzxwqpHH9ScNRJ_exnFjLAJb5gRUCGwyahfeQHvAOcTclAgfnvpO-fKrqu5U13qP1IIr1kMcyMlHD2myeMYRT-FjtBUTi6jW-TfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://window.unian.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 514F 42 B
64 B 35ms
35ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOdgD8PuEqpzrc9Nj5MlTkFgKqF3_A34PDDjB8wcdvl4e9ytbuTtxJEzqPDaSM0AqysDDBU1y_c2AYiFklBC75_RYXLktfXlF_yxIlP8DK6D2XrNy1bA&sai=AMfl-YREwJj0GQEYeEhL_zd3xdj6nk-gZsqfnbeNGsi9OWlu62AFIiQthoNdqJPHr6uN4dtsKkaU67DOlksf9y_j0qOv_YLwiMwX5qn9Drj0OSED-naXrSdRxcoAuRmHcVQI&sig=Cg0ArKJSzHY1E4s-YyehEAE&id=lidar2&mcvt=1000&p=0,390,120,1370&asp=0,390,120,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2077371719&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632865021016&rpt=478&isd=0&lsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:37:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA70 42 B
64 B 35ms
34ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWfGbDq04tPapEgNbTViJJwsQOATA6xWTykbYJ8GECxx8BbBDaacInq1KAhV6BjPw0REXKmUhj3Tz5oYd0kLT59sTm00BDMyVUYZwtCyFzHfDEh9d2eA&sai=AMfl-YQqgq2zOeS0ZBcow43X2DFrtgqiSJQd4AkoZXS-BadXJlP-zYqyxrYQd3XWL9RibCthtI5IhkAVlhutz59AvN7QKRX6dHqtBFKkNgZQ_uLKwXHop7SwciBK9xrwHEgY&sig=Cg0ArKJSzFgCaPKZgiFbEAE&id=lidar2&mcvt=1000&p=1020,80,1200,1520&asp=1020,80,1200,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1240459465&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632865021010&rpt=563&isd=0&lsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Sep 2021 21:37:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22id%22:14528,%22name%22:%22Dentsu_%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:13474,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%2228775402-7627-4260-b095-0e6afc56def1%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:3088288,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22db43585f-b454-4d67-8ffa-0fa380a27447%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22db43585f-b454-4d67-8ffa-0fa380a27447%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[1440,180]]}},%22adUnitCode%22:%22api-gpt-catfish-wrapper%22,%22transactionId%22:%22c30c06eb-da08-454f-8dc7-4d95b7cee6ee%22,%22sizes%22:[[1440,180]],%22bidId%22:%2226d4e3e159b248a%22,%22bidderRequestId%22:%22252ce623abf152c%22,%22auctionId%22:%224lo7rf.04%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:2,%22bidderWinsCount%22:0},{%22id%22:17236,%22name%22:%22Dentsu_Halfscreen%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:13474,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%229c5ac4fd-5e54-41a1-abaa-9b5d75ba6e85%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:3097617,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%22db43585f-b454-4d67-8ffa-0fa380a27447%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%22db43585f-b454-4d67-8ffa-0fa380a27447%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[1440,180]]}},%22adUnitCode%22:%22api-gpt-catfish-wrapper%22,%22transactionId%22:%22c30c06eb-da08-454f-8dc7-4d95b7cee6ee%22,%22sizes%22:[[1440,180]],%22bidId%22:%2227a0ee3eb1d700e%22,%22bidderRequestId%22:%22252ce623abf152c%22,%22auctionId%22:%224lo7rf.04%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:2,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fwindow.unian.net%2F%22}

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
window.unian.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: u6n5c9bbn7jr5b9dil2ini934u
.unian.net/	1970-01-19 21:35:51	Name: _gid Value: GA1.2.771700151.1632865018
.unian.net/	1970-01-19 21:34:25	Name: _gat Value: 1
.unian.net/	1970-01-19 21:34:25	Name: _gat_netTracker Value: 1
.facebook.com/	1970-01-19 23:44:01	Name: fr Value: 0GAqqGqjqn2uSydgg..BhU4r5...1.0.BhU4r5.
.unian.net/	1970-01-19 21:34:25	Name: _dc_gtm_UA-32196466-1 Value: 1
www.unian.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: dhhd4n6ujedmvf1d4k2a1vsi4h
.unian.net/	1970-01-19 21:34:39	Name: location_id Value: 115786
.unian.net/	1970-01-19 23:44:01	Name: _fbp Value: fb.1.1632865017926.1064881447
.unian.net/	1970-01-20 15:05:37	Name: _ga_P6EEJX21DY Value: GS1.1.1632865017.1.0.1632865017.60
.unian.net/	1970-01-20 15:05:37	Name: _ga_JLSK4Y8K67 Value: GS1.1.1632865017.1.0.1632865017.60
.unian.net/	1970-01-20 15:05:37	Name: _ga_DENC12J6P3 Value: GS1.1.1632865017.1.0.1632865017.60
.unian.net/	1970-01-20 07:03:13	Name: __gfp_64b Value: 7Vnb4nkJelJEF24nZ2LrYtcBygIWUcbNxEhnsoJRwMf.37\|1632865017
.hit.gemius.pl/	1970-01-20 07:03:13	Name: Gtest Value: KlSV1MGGQMQG7uLZDKjhvMoissGMXP8c25nSGuzQhCAWupnnGG5BU-Lx6eCxsG..
.hit.gemius.pl/	1970-01-20 07:03:13	Name: Gdyn Value: KlGUdRaGQMQG7uLZDKjhvMoissGMXP8c25nSGuzQhCAWupnnGG5BU-Lx6eKxGsRPIQlGvGGpvRDsSLY8RLcGsylPge9iaQG.
.unian.net/	1970-01-20 15:05:37	Name: _ga Value: GA1.2.1965891731.1632865018
.adtelligent.com/	1970-01-19 23:03:41	Name: vmuid Value: cabd748f04f8d49b
window.unian.net/	1970-01-19 22:17:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.unian.net/	1970-01-20 06:20:01	Name: _pubcid Value: db43585f-b454-4d67-8ffa-0fa380a27447
window.unian.net/	1970-01-20 06:56:01	Name: cto_bidid Value: PT6k619PeUpvYnlyR3F3Z3VxQiUyRm0xbWVwa1F6UVJrcE4wT3VvWkt2WkJFNDFnaXdVS3VjR2VLdUZvcHNQUm9aNjUlMkZkd3V6b1NhdlR0NGU1WXhlSjNDd1lhQWclM0QlM0Q
window.unian.net/	1970-01-20 06:56:01	Name: cto_bundle Value: rDavk19FeFFmOFdmN09mbjh6Z3hORTE4U0hXaGpWZjlNZ3RlSDNZckVpeHZkbFpkd1EzSG1EQjdRRmoxMDc5cVlUMUVuRnMlMkZFJTJCMDBQOGZIMlNTc3UlMkJFRW8wV1VXSlNYMEg4MzZvUE4xeEhrT25JbENUVXMzdjNSRmJZYUVwZkNTMDZ6SQ
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.openx.net/	1970-01-20 06:20:01	Name: i Value: db43585f-b454-4d67-8ffa-0fa380a27447\|1632865018
.rubiconproject.com/	1970-01-20 06:20:01	Name: khaos Value: KU4LO7V2-C-14Q8
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.rubiconproject.com/	1970-01-20 06:20:01	Name: audit Value: 1\|naVuGyos1qq4E0CV9ZWpF+gQd5lQV2kHy8N5jahKRdR4fvAiG4I3WZZY7Bh+E8vHlQfj+KqxIbbMboWaW1ii7ap6H+6fNNSw
.betweendigital.com/	1970-01-20 06:20:01	Name: dc Value: was1
.betweendigital.com/	1970-01-20 06:20:01	Name: tuuid Value: 5e571ef5-952a-5310-8ec6-28afef95a255
.betweendigital.com/	1970-01-20 06:20:01	Name: ut Value: YVOK-gALVliaLchtrQYH0qZkda25PS3wLc4mIQ==
.betweendigital.com/	1970-01-20 06:20:01	Name: ss Value: 1
.betweendigital.com/	1970-01-20 06:20:01	Name: unm Value: 1
.adtelligent.com/	1970-01-19 23:03:41	Name: a319130 Value: ae7c8e5f-1f46-46f4-b688-500534fde53b
.unian.net/	1970-01-20 06:56:01	Name: __gads Value: ID=906e3471bd85316c-227b133f64c900b4:T=1632865020:S=ALNI_MbfWrrFL_ZAIyBhtyGK43_I7ruXRA
.doubleclick.net/	1970-01-20 06:56:01	Name: IDE Value: AHWqTUkt2enPSO9QT6eL8A9uaZcalGEYv1HAKAO7JthG3Rc7W8W3RK7mnfeF9seE8bA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

166ba5f3efc9bd5068ecdc7ac81fa851.safeframe.googlesyndication.com
ads.betweendigital.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
analytics.google.com
connect.facebook.net
csync.loopme.me
dm.hybrid.ai
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
gum.criteo.com
ib.adnxs.com
images.unian.net
inv-nets.admixer.net
ls.hit.gemius.pl
pagead2.googlesyndication.com
photo.unian.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
push.1plus1.ua
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.adtelligent.com
sync.medidexs.com
t.trafmag.com
tpc.googlesyndication.com
unpkg.com
window.unian.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.unian.net
inv-nets.admixer.net
104.16.122.175
104.26.10.30
142.250.181.226
142.250.184.194
142.250.184.195
142.250.184.206
142.250.184.228
142.250.184.234
142.250.185.142
142.250.185.194
142.250.185.72
142.250.185.78
142.250.185.98
142.250.186.129
142.250.186.142
142.250.186.163
146.59.30.96
147.75.38.124
162.55.6.213
172.217.18.97
172.217.18.99
172.67.198.123
173.194.76.155
178.250.2.146
185.184.8.65
185.239.173.66
185.33.220.240
193.200.65.5
195.137.240.100
213.174.135.1
213.174.135.2
213.19.162.21
216.58.212.142
31.13.92.14
31.13.92.36
34.98.64.218
37.18.16.23
46.249.52.249
54.37.238.28
62.149.0.72
96.46.186.57
01fe5eeb7d10d258f52c97098571a1ebf8de7f14ce6ecd820a1d13c838edde31
04b8ae1d5a18323d904e3634b1d6cfea42ac45af2035f61427179e87c0a28f61
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c99bd086c32eeba518bee198628e250e82cc8f55ffc9b50e0c3b0727b67758a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f3bc4484b8bc656a1a550686aa85e927c3c491903664323a7f51da2bc74d89
12a2627a3042816fcffc55baf90519c71edb196ef3abd245f1a139d5390df3e4
18a5de0a622d07036d0a3cfb5b70031253e03045612bb52c9c1dc91cbfb017c2
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
203e76f138f1e1fd26b8d78a7f52410dcb0e021d6b6690d9e7a713ade7bf22be
2208af910207305fd2f8ef8d8b67c81ab1933b5e9ae30bfa705c6fcf06163f5c
28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2fffaa0124ef1a21c5b5239151cfc7b4aaeeeec037bf0b0014161f12f8bb31b7
37694dfa2fb5db775a44fc1532ed407160ab949725540b3d3981cc840d71ac6d
3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427
3a3709999474e5f54ad96be7449a8234f086fd73d9448f5a9c2e682c9aed96ef
3d6407aee1b9c8870b174dfd696e8a4d8537318bff276f21a5351ca341c403e2
41e906a81c69cc3d30f4a9c6fa50b5c3fc5756c9acabfbeaed66e170e62d12f7
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48b009ab0d7ebe7278f0249e3b57bef199b7398dfcdfd10eb7cb96d217fe2390
4a0d7dd211ff630caca27fe061cd59d857e3fcbb5279258e6b1fbc2853e78935
4aa024d55d5f80c9d59668bcac34ecab87efd7fde5b104136e9d2534632bc44b
4bbb105eb19af18cdf058c1e25b321e78a3e177033c3ae81792a8eb56d6fa458
4d6123fff076da778f04fa30e532b8318b854238ac57bdf69f80446f56f514ad
4eafbb50652f0a540f15d8b81df3e4925c7e9492c619e09a184d817741b96e45
4f2670c8b666ffeaa47b2f89eabed404a0dbb037d9115b1925af324db5330756
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503aa0afd924263e23e5fbe885c36ad5373a0cbf22c24b104032cef8fb831571
5057ce3ab5d708ff3c5201208ff4fbb7df6dbd2a5be670d6776472d47811b378
507ac872a403b75b4a05d114e658d3e14081b4800bee2f142b2ad9c999150a5a
5124ec463a3a065f6bcc61e1a19e261c2a46bfd70ed71df0f5ce6489171ad4e7
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
5997990a063195399256b06275252c6501de856686a8ca80a519e69a8efcc58e
5a8421a46e9465c2e7e3ee9c2824496190a63e9cc85d2d5f01f83b3e45f94b6c
5c9269a95531d695434bae92d5844264849a67fb28f16faa2a4e863e05f8aae6
5d72944f1cbbf3c488c93d8e4f22f5acf76a3b7e136fdde155f10df94f2e9317
5f7c52a5da90dfe325ba1633ab58b3ed2d495dd440a248a6e9f5944e04178a42
64d55fe57d9961d00ef3b455b71baee9c867b77805b1a0f7ed0e8c627b10bbc9
66a5ec3ae5e29d9220be3dcb99754d2888a59ac0e84350038c5037ace5105bf1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
6d7f3cfde0d65ddb982842bd8c1583a44e45b6b0f8cf39233620c608198b1193
6e4b23fb16a682ee0bf5b4e3624e7b34e84237e4ce9adcfe5e411b07b6fbdfca
7555db18dfc7cdb715dc618471fdb1c9ddbd210720e00bd7277c42ce51832b78
775ddd9cbfd52574866001b5fee64556f7727fd135605f0c639aed1bde9911d5
77759ddcf13b56f83fd5ef8641c832bc5878d9ceb265e3805fed4e34ff2fc013
77bbeccf206937c488f5c455e60fe5540179d27b5f1fa11feffc1bfeddc51fb5
7ae2eae09506ae6eac36ffe4b20761ef4c5537dd6d593cdd24053d849c80bff1
829e6123b34ec0433c2ee65a79589cb48bab763d75504fb4d9e7cb6c90ea328f
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d8128b18cc58599eac429a2387c00e93675267953d0e6bd1fb8ddd6ac8fd7d
885ef6bcf5babcd7c5b5108439000af5a9263aea72b4b7f17716392a53dba7ed
8a7c9bfff36e87bb68180c0885df81fe1ef167d5b6b484c740bac894fa4ac064
8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf
9286413b05e297304957f2eb54163d81f090a7e251b269e52921c59c5e97cd85
95b16a12576fb937ece3827cb01565d5552f7022ed3c28ae302fb4391fcfe840
986dd30240c5c391020459db60212c4d9df2d2eec66a1c065f76f89e85b17c87
9940c6e931c4a8c18327131adea02d7cab0533e286258b96801738c4d0d1683c
9ca48014f4f96b4e89b434ffac9a53074c0c79473279cf5abf74b8a1d4bb976d
9d1f82d276440e087528c782b734d4db3f9ff707d2217f2d7e4eda6f68d0cf43
a4138789ad3c89abf5875c033047698bbfeb5ce67339871dcb635fbf0c81c488
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59fe2bd2ab9abc737ef7b6d2145ab6b01301165b06d88a3dc0c6ee59a56a4d3
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8d168c18d91a93b35767fd0b11836d7ecf4a3f50b3350dee302758f1d49bb20
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ab775afb02f6f0e215ea17a861357d0842e786780f7363eb25800ad9aeaed666
ae181e91fc64ccbe42641c7227051e67306c41084a74e89b56a68ca6942dae02
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948
b087ab6659012ec95e9fc07fa7b17a3eb1da944227341371d8953d15332d53fd
b104c2739905b36f01c9edfc126f75200dc92eaa8b4e482da4b95edea9ee94d0
b2a9457ae320b5181678d4c6e7a161767a46f18a69f17514b1d81f04518bddc0
b3de44919aa22f362671cc91bf33b4cc4c4de3dcaafe1a01d0d1712f9156efdb
b9d56878426a84dd4b56e7f8ee1262dc0b4b20c24a5fd0777049e5691caecabf
b9f9f54f53824a3f573716c3902f9cc6c8d2c96b3c37b72627c3cfe44255948c
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb384bbcee8b031f1e89f8e75d8f1576445c6062b1cd7cf5e19979617163de74
bf9e252a0e37cb51815857c61f23ce69133512c50d53a94477e7feb390cc9b5f
bfb9ab8a11d4fb76c70b0c70223983f70ccfadb57b0000603b8d57827caacf30
c1011b671920e5f7c4f38a5ff7880da0b4210a4b5f12fef5e12fd22fd68000f4
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c1fb7696ca63d3de87838ab2e046dd405905268ccb7f14ac50d6cd82f5a6fe71
c1fd5ff3ed478b0103c1db73795ea0c2a3071e782449da1e49d9014b1a5b5439
c48b7edca3e2b7ca4f33103316f6efe280a27d2d16fa77d5fddff3772f0b103e
c53420a0e6e79b5bbb303a1b64e8f05ca737a3dab8ce70b49356166d9174c0b9
c8a3c3cfecd4019e5a076400bfcdc706b8b76052fb9b0b62af719a96aa8dd716
ca4aac9215e07e453bfe81d484ad1f84d04a68c8c9fdbcf272d04de943e02d02
d060c1b4eada37ba322f5d59d1f337d95bb83a645f47d8eeb9f5fdbf0b411eaf
d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0
d668e203faca0ed5a5a5d38b77897724459668e56ff0597e206dbf2e1f2b471b
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d83b4c7d6f3278b8dfd1cbf392c84ca4e4032c1c988c7fa93cd343395a936346
da9e4892a0d703fdf817f4b454e5c51c6edf3a835ea3e1742cac5bd5acf94be9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e7b40e87f63cf3cb4f2e27f266d73beffaed30c3e843f54a7124c3ab1f19157a
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eb57d753ed168fdc7cfea15d0fe9dc5707fd0228e25dfa4e837c6b9d9bfb8006
eb8e0a7bc7a2889be81a157bc135d29b587ce575b40942d96e7562afb60f6c6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dfc3054819c77a1eac85e57e589e6636bda59cfda1fd93b3f99d965ff494a5
f3c936f26f428c081d346ada8c9317028966a9dfe227fdaa3b7fc006fe2a0404
f4681f722ad34b257874d22aa43d5a43b0b91ecaa00b826ac665405cf836ba38
f4c6304ce8c374e6c6390298872690764d532b19ac24eacc7d29abf0757f811d
f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2
f85be2c783ccf8b19608e20ff730df7fceade5315b6769711a6b243366c345bd
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fc6cc23038ce27d217c42d7abe48fc3309390bb7b4d2d42163df8f4f6d5e3196
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

window.unian.net Open in urlscan Pro 104.26.10.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

99 %HTTPS

0 %IPv6

30 Domains

48 Subdomains

41 IPs

7 Countries

2617 kBTransfer

5656 kBSize

34 Cookies

125 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

window.unian.net Open in urlscan Pro
104.26.10.30 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

99 %
HTTPS

0 %
IPv6

30
Domains

48
Subdomains

41
IPs

7
Countries

2617 kB
Transfer

5656 kB
Size

34
Cookies

164 HTTP transactions
3 data transactions