www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On September 09 via manual (September 9th 2023, 11:43:42 am UTC) from UA — Scanned from DE

Summary HTTP 253 Redirects Links 306 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 41 domains to perform 253 HTTP transactions. The main IP is 104.18.8.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 210408.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.9.128 104.18.9.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700::68... 2606:4700::6812:409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
28	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 8	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
4	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
2	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a06:8640:764::2 2a06:8640:764::2	55081 (24SHELLS) (24SHELLS)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	157.245.23.44 157.245.23.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	44.193.144.116 44.193.144.116	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 7	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	13.42.176.194 13.42.176.194	16509 (AMAZON-02) (AMAZON-02)
1	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.244.140.106 18.244.140.106	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	3.9.77.36 3.9.77.36	16509 (AMAZON-02) (AMAZON-02)
253	58

1 104.18.9.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.8.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:409 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.zfctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.23.44 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

bid.adsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.239.172.77 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.144.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-144-116.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.39.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.176.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-176-194.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.140.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-106.lhr50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.77.36 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-77-36.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	480 KB
28	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8780 c.mgid.com — Cisco Umbrella Rank: 5259 cdn.mgid.com — Cisco Umbrella Rank: 11454 servicer.mgid.com — Cisco Umbrella Rank: 8835 s-img.mgid.com — Cisco Umbrella Rank: 8151 cm.mgid.com — Cisco Umbrella Rank: 1410	174 KB
27	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 218559	427 KB
26	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 131856	255 KB
26	ukr.net 5 redirects ukr.net — Cisco Umbrella Rank: 76266 www.ukr.net — Cisco Umbrella Rank: 210408 zakladki.ukr.net — Cisco Umbrella Rank: 754942 accounts.ukr.net — Cisco Umbrella Rank: 183687 mail.ukr.net — Cisco Umbrella Rank: 126083 counter.ukr.net — Cisco Umbrella Rank: 164579	318 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 399	328 KB
11	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 7558 ghb.adtelligent.com — Cisco Umbrella Rank: 6229 sync.adtelligent.com — Cisco Umbrella Rank: 3401	195 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33862 hal900011.redintelligence.net — Cisco Umbrella Rank: 237764	55 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 195421	46 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629	5 KB
6	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 12084	3 MB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	4 KB
5	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2541 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 122	2 KB
4	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 41752	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	286 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 29377 api.webgains.io — Cisco Umbrella Rank: 71233	18 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 43065	1 KB
3	gstatic.com fonts.gstatic.com	63 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 455 mug.criteo.com — Cisco Umbrella Rank: 2500	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	114 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 828 id5-sync.com — Cisco Umbrella Rank: 432	31 KB
2	trafmag.com trafmag.com — Cisco Umbrella Rank: 42968 t.trafmag.com — Cisco Umbrella Rank: 53178	4 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10548	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 56202	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 84559	419 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 17067	704 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 46737	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 178919	931 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	46 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1091	398 B
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 3022
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 747	277 B
1	adsinteractive.com 1 redirects bid.adsinteractive.com — Cisco Umbrella Rank: 62453	387 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 572	63 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 653	14 KB
1	zfctrack.net s.zfctrack.net — Cisco Umbrella Rank: 323129	450 B
1	google.de www.google.de — Cisco Umbrella Rank: 5643	408 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 716146	170 B
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 292387	714 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1103	7 KB
253	41

	Domain	Requested by
27	upst.fwdcdn.com	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua
26	pagead2.googlesyndication.com	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net www.googletagservices.com
23	tpc.googlesyndication.com	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org securepubads.g.doubleclick.net
19	s-img.mgid.com	www.ukr.net
15	cdn.ampproject.org	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
9	www.ukr.net	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua static.cloudflareinsights.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	pinformer.sinoptik.ua	www.ukr.net pinformer.sinoptik.ua
8	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.ukr.net securepubads.g.doubleclick.net d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com pagead2.googlesyndication.com www.ukr.net
6	cl.imghosts.com	www.ukr.net
6	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
4	hal900011.redintelligence.net	1 redirects d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com hal900011.redintelligence.net
4	hal9000.redintelligence.net	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com hal900011.redintelligence.net
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
4	www.googletagmanager.com	www.ukr.net www.googletagmanager.com adv.office-partner.de
3	pv.medialead.de	hal900011.redintelligence.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	sync.adtelligent.com	1 redirects www.ukr.net
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com hal900011.redintelligence.net
2	www.googletagservices.com	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
2	cm.mgid.com	jsc.mgid.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.mgid.com	www.ukr.net
2	c.mgid.com	www.ukr.net
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	jsc.mgid.com	www.ukr.net jsc.mgid.com
2	ukr.net	2 redirects
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	hal900011.redintelligence.net
1	track.webgains.com	www.ukr.net
1	adv.office-partner.de	hal900011.redintelligence.net
1	s0.2mdn.net	d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cookies.nextmillmedia.com	www.ukr.net
1	t.trafmag.com	www.ukr.net
1	ap.lijit.com	www.ukr.net
1	bid.adsinteractive.com	1 redirects
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	mug.criteo.com	www.ukr.net
1	servicer.mgid.com	jsc.mgid.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	s.zfctrack.net	www.ukr.net
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	loadercdn.net	www.ukr.net
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
1	zakladki.ukr.net	www.ukr.net
253	67

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
robota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
iron-master.com.ua
www.otpusk.ua
www.accordtour.com
gorod-plitki.com.ua
dom.ria.com
lun.ua
flatfy.ua
casada.ua
healthyway.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
budpolimer.com
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
work.ua
optima.school
layboard.com
grc.ua
optima.study
cutt.ly
buketland.com.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
kinoafisha.ua
www.5.ua
ukranews.com
gordonua.com
hromadske.radio
rubryka.com
www.currenttime.tv
nv.ua
sprotyv.info
www.pravda.com.ua
socportal.info
www.unn.com.ua
aspi.com.ua
bukvy.org
www.eurointegration.com.ua
www.radiosvoboda.org
agroportal.ua
kosatka.media
finance.today.ua
meta.ua
vgolos.ua
magnolia-tv.com
regionews.ua
espreso.tv
expres.online
life.ukrainianwall.com
tsn.ua
www.ostro.org
vechirniy.kyiv.ua
kyivschina24.com
u-news.com.ua
mykyivregion.com.ua
gsminfo.com.ua
prostomob.com
portaltele.com.ua
ilenta.com
newsyou.info
cikavosti.com
nnews.com.ua
t4.com.ua
garage.hyser.com.ua
autotheme.info
biz.nv.ua
toughathletics.com.ua
www.rbc.ua
terrikon.com
ukrbasket.net
news.uaportal.com
storinka.com.ua
womanlife.kyiv.ua
beautytips.kyiv.ua
pravdatutnews.com
woman24.kyiv.ua
ua-vestnik.com
novosti24.kyiv.ua
flot2017.com
ukrrudprom.com
vlasti.net
useti.org.ua
informator.ua
news24.in.ua
mil.co.ua
kriminal.tv
censor.net
novosti-n.org
www.epochtimes.com.ua
dailynews.kyiv.ua
odnaminyta.com
prostoway.com
mysugar.media
tykyiv.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
avtoapteka.net.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
dovidka.info
savelife.in.ua
shelter.dopomagai.org
bank.gov.ua
sprotyv.mod.gov.ua
klubnatura.pl
life.pravda.com.ua
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net

Subject Issuer	Validity	Valid
ukr.net Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
adtcdn.com GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
m.mixadvert.com R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-13` - `2024-06-13`	a year	crt.sh
loadercdn.net R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
player.adtelligent.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
s.zfctrack.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-08-17`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.ukr.net/
Frame ID: 59A5A4B1A1B4F8B4C445223E6E9F708B
Requests: 113 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 3DC874ECD179A187CEE1E47286100A69
Requests: 6 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 291AFDB552528D78905AB82CECBF2642
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Frame ID: 6D654C97B37B069E5855A8C944F89227
Requests: 12 HTTP requests in this frame

Frame: https://s.zfctrack.net/z
Frame ID: 4AA6FCD2E71517DB92586EC0FCBCD409
Requests: 1 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAF1316EA44CB1C5740B4D2286F53841
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: 2F2D5DD66A47894D3785E82D8DEF2FC0
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=169425981589160372422
Frame ID: A57C0EB0C2231A7D00A5AB3EFCE4EFE9
Requests: 1 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D673C9038F82C577A8B068EBF45D2B89
Requests: 19 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2BFD61ADA13AC1032E3556222899F3A9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhii4tniATAB&v=APEucNXD0HSheYvQTjmAER-sL_ov6I9nQO031QwSIZYwDLdKZv5Gd6K-VGYFdrISd1NP0zt1c-RONGhBANoTyGlOA2e5QK27PknM98Nxm-rC1fIpfSa4euacIJRwU75-CwrpVZpfoxOZGSWER7xpvy_Oz7e9dRX39N99Neehf6mll8JlgynDc80
Frame ID: D566992F7B0B068514B37691B74520F6
Requests: 5 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EB827634E331A8F1402DC9C8ACDA3BA
Requests: 13 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E305A82C7780031D52959854AD5A4F84
Requests: 22 HTTP requests in this frame

Frame: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19250D5BF3276E79995D22AB69EB7166
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWuZC5lmHKUqv6QclKb6oV_KXYg8__Px3a085SwJ0qRQsLHEiIclWO2Kuq3NFmxMEcSFa2oj283Z2-pTqyWdBqtmWAGcCvrqri-QDCgfdj7rJZrGOprUoFLnuJW5Cr-q7654nwuMiDNo3-ga3osYLyF9XEUW882L8Mn2bUnqwgaEnRpF10
Frame ID: 850F9994AFE0090C04013A9ECD56D40F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B952F0E34212D4F03283347DEC47FBC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 593C5864FCCE8B864BE4CFAF7ACD3863
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: D42A1DE0B426C45A0CBA4C4A79E1D543
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96112900046186404444554012442011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 997A58F1500CB2130994F6667F67C321
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235
Frame ID: C50354C6144271A254DFA5423AFB8E66
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Frame ID: AB7252367CC683375436559D3B20F2C3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15E56AA78AA38EBFDD5906FD7FADE212
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2185C65266BB44C2ABCB57C77C41BB7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

253
Requests

93 %
HTTPS

43 %
IPv6

41
Domains

67
Subdomains

58
IPs

10
Countries

6357 kB
Transfer

11275 kB
Size

45
Cookies

306 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://proizd.ua/
Title: Proizd.ua

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Кращі ціни на автоцивілку

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: https://iron-master.com.ua/ru/glavnaya/
Title: Пофарбувати авто -15% знижка

Search URL Search Domain Scan URL

URL: http://www.otpusk.ua/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.ua

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/avtobusni_tury_plyazh_i_more
Title: Тури на море, відпочинок

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://gorod-plitki.com.ua/ua/
Title: Магазин "Місто плитки" м. Київ

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: http://healthyway.com.ua/uk/bil-v-suglobax-vixid-ye/
Title: Біль у суглобах

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://budpolimer.com/?utm_source=ukr.net
Title: Господарські товари

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: http://luxchrono.com.ua/
Title: Годинники і прикраси Люксхроно

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: https://robota.ua/?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://optima.study/
Title: Курси для дітей і дорослих

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 250 ₴ rx-name

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Прес-центр судової влади

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3304278/8fa25436-0e96-4395-8f6b-bce564089601?data=eyJjcmVhdGVkX2F0IjoxNjk0MjU5ODE1LCJzaG93X2lkIjoiOGZhMjU0MzYtMGU5Ni00Mzk1LThmNmItYmNlNTY0MDg5NjAxIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMzMDQyNzgsImRhdGFfc291cmNlIjoiYXBwLWhiLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjhlZDNkMjZmLWRkNDQtNDlmZC1iNzNhLTA4NzgyOGFlMDgyYyIsInJlZ2lvbl9pZCI6ODYsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ==&hash=861ce2089af8c4690a2584c035d3b062

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=ace8795a802e6ff8b8743f4aab396ed8&t=444320&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/luaksemburg-luaksemburg?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D1%8E%D0%BA%D1%81%D0%B5%D0%BC%D0%B1%D1%83%D1%80%D0%B3%2C+%D0%9B%D1%8E%D0%BA%D1%81%D0%B5%D0%BC%D0%B1%D1%83%D1%80%D0%B3
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/dovbush?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%BE%D0%B2%D0%B1%D1%83%D1%88
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pid-gipnozom?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B4+%D0%B3%D0%B8%D0%BF%D0%BD%D0%BE%D0%B7%D0%BE%D0%BC
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/10-dn-v-bez-mami-v-kurshevel?utm_source=ukr.net&utm_medium=informer&utm_campaign=10+%D0%B4%D0%BD%D1%96%D0%B2+%D0%B1%D0%B5%D0%B7+%D0%BC%D0%B0%D0%BC%D0%B8+%D0%B2+%D0%9A%D1%83%D1%80%D1%88%D0%B5%D0%B2%D0%B5%D0%BB%D1%96
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/prigodi-arah-su-ta-porosya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D1%80%D0%B8%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D1%8F+%D0%90%D1%80%D0%B0%D1%85%D0%B8%D1%81%D0%B0+%D0%B8+%D0%BF%D0%BE%D1%80%D0%BE%D1%81%D0%B5%D0%BD%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kudlat-perc?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D0%BE%D1%85%D0%BC%D0%B0%D1%82%D1%8B%D0%B5+%D0%BF%D0%B5%D1%80%D1%86%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/gran-turizmo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%93%D1%80%D0%B0%D0%BD+%D0%A2%D1%83%D1%80%D0%B8%D0%B7%D0%BC%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/barbi?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%B0%D1%80%D0%B1%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/marmaduak?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D1%80%D0%BC%D0%B0%D0%B4%D1%8E%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/p-dl-tki-mutanti-cerepashki-n-ndzya-pogrom-mutant-v?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%B8+-+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D1%8B+%D0%A7%D0%B5%D1%80%D0%B5%D0%BF%D0%B0%D1%88%D0%BA%D0%B8-%D0%BD%D0%B8%D0%BD%D0%B4%D0%B7%D1%8F%3A+%D0%9F%D0%BE%D0%B3%D1%80%D0%BE%D0%BC+%D0%BC%D1%83%D1%82%D0%B0%D0%BD%D1%82%D0%BE%D0%B2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/besslavnie-ublyudki?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%B5%D1%81%D1%81%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5+%D1%83%D0%B1%D0%BB%D1%8E%D0%B4%D0%BA%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/real-t?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/10-pravdivih-fakt-v-pro-kohannya?utm_source=ukr.net&utm_medium=informer&utm_campaign=10+%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B8%D0%B2%D1%8B%D1%85+%D1%84%D0%B0%D0%BA%D1%82%D0%BE%D0%B2+%D0%BE+%D0%BB%D1%8E%D0%B1%D0%B2%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ya-n-na?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%AF%2C+%D0%9D%D0%B8%D0%BD%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/stihii?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D0%B8%D1%85%D0%B8%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oppengeimer?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D0%BF%D0%BF%D0%B5%D0%BD%D0%B3%D0%B5%D0%B9%D0%BC%D0%B5%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/zv-rotacski?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%97%D0%B2%D0%B5%D1%80%D0%BE%D1%82%D0%B0%D1%87%D0%BA%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/missiya-nevpolnima-smertelnaya-rasplata-cast-1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%BD%D0%B5%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BC%D0%B0%3A+%D0%A0%D0%B0%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%B0.+%D0%A7%D0%B0%D1%81%D1%82%D1%8C+1
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/odnagdi-v-bryugge?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%97%D0%B0%D0%BB%D0%B5%D1%87%D1%8C+%D0%BD%D0%B0+%D0%B4%D0%BD%D0%BE+%D0%B2+%D0%91%D1%80%D1%8E%D0%B3%D0%B3%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/meg-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B5%D0%B3+2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/zanurennya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ostannya-podoroj-demetra?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B5%D0%B5+%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B5+%22%D0%94%D0%B5%D0%BC%D0%B5%D1%82%D1%80%D0%B0%22
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/sinii-juk?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D0%B8%D0%BD%D0%B8%D0%B9+%D0%B6%D1%83%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/20-dn-v-u-mar-upol?utm_source=ukr.net&utm_medium=informer&utm_campaign=20+%D0%B4%D0%BD%D0%B5%D0%B9+%D0%B2+%D0%9C%D0%B0%D1%80%D0%B8%D1%83%D0%BF%D0%BE%D0%BB%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/t-n-karavadjo?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A2%D0%B5%D0%BD%D1%8C+%D0%9A%D0%B0%D1%80%D0%B0%D0%B2%D0%B0%D0%B4%D0%B6%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/cempiony?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BC%D0%BF%D0%B8%D0%BE%D0%BD%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/moi-msli-tihie?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%BE%D0%B8+%D0%BC%D1%8B%D1%81%D0%BB%D0%B8+%D1%82%D0%B8%D1%85%D0%B8%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/veresen?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B5%D1%80%D0%B5%D1%81%D0%B5%D0%BD%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pogrujenie?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/king-of-killers?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%80%D0%BE%D0%BB%D1%8C+%D1%83%D0%B1%D0%B8%D0%B9%D1%86
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 1 169 845 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 2 068 853 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 658 700 грн

Search URL Search Domain Scan URL

URL: https://www.5.ua/regiony/velycheznyi-ukrainskyi-stiah-proletiv-v-nebi-nad-donetskom-313293.html
Title: Величезний український стяг пролетів в небі над Донецьком

Search URL Search Domain Scan URL

URL: https://ukranews.com/ua/news/954724-600-vijskovyh-zasib-ppo-ta-15-tankiv-u-genshtabi-zsu-onovyly-dani-shhodo-vtrat-voroga
Title: 600 військових, засіб ППО та 15 танків, – у Генштабі ЗСУ оновили дані щодо втрат ворога

Search URL Search Domain Scan URL

URL: https://gordonua.com/ukr/news/war/japonija-zasudila-rosijski-vibori-na-okupovanikh-teritorijakh-i-zaklikala-do-posilennja-sanktsij-proti-rf-1680311.html
Title: Японія засудила російські "вибори" на окупованих територіях і заявила про необхідність посилити санкції проти РФ

Search URL Search Domain Scan URL

URL: https://hromadske.radio/news/2023/09/09/okupanty-zminiuiut-systemu-upravlinnia-na-tli-nastupu-zsu-isw/
Title: Окупанти змінюють систему управління на тлі наступу ЗСУ — ISW

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/09/09/zmi-ukrayinski-bezpilotnyky-zavitaly-do-vyborchogo-shtabu-okupantiv-na-zaporizhzhi/
Title: ЗМІ: українські безпілотники завітали до “виборчого” штабу окупантів на Запоріжжі

Search URL Search Domain Scan URL

URL: https://www.currenttime.tv/a/magate-vzryvi-aes/32585402.html
Title: МАГАТЭ сообщило о более 20 взрывах за неделю рядом с Запорожской АЭС

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/ukraine/events/v-ukrajini-znayshli-mertvim-britanskogo-dobrovolcya-zmi-ostanni-novini-50352321.html
Title: У водоймі зі зв’язаними за спиною руками. В Україні знайшли мертвим британського добровольця — ЗМІ

Search URL Search Domain Scan URL

URL: https://sprotyv.info/video/po-telebachennyu-na-tot-pokazali-video-proti-rosijskih-psevdoviboriv-podrobiczi-akczi%d1%97-hakeriv/
Title: По телебаченню на ТОТ показали відео проти російських псевдовиборів: подробиці акції хакерів

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/news/2023/09/9/7419108/
Title: Саміт G20 погодив спільну декларацію: знайшли компроміс щодо України

Search URL Search Domain Scan URL

URL: https://socportal.info/ua/news/gossekretar-ssha-zayavil-ot-chego-budet-zaviset-dalneishaya-podderzhka-ukrainy-ssha/
Title: Держсекретар США заявив, від чого залежатиме подальша підтримка України США

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/2045762-imperator-yaponiyi-visloviv-spodivannya-na-shvidke-vidnovlennya-miru-v-ukrayini
Title: Імператор Японії висловив сподівання на швидке відновлення миру в Україні

Search URL Search Domain Scan URL

URL: http://aspi.com.ua/news/politika/vi-ne-mozhete-siditi-u-bryusseli-ta-kazati-ukraini-yak-treba-voyuvati-gensek-nato
Title: Ви не можете сидіти у Брюсселі та казати Україні, як треба воювати – генсек НАТО Столтенберг

Search URL Search Domain Scan URL

URL: https://bukvy.org/denys-shmygal-zustrivsya-z-ochilnykom-mzs-yaponiyi-obgovoryly-perspektyvy-vzayemodiyi-u-gumanitarnomu-rozminuvanni/
Title: Денис Шмигаль зустрівся з очільником МЗС Японії: обговорили перспективи взаємодії у гуманітарному розмінуванні

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2023/09/9/7169097/
Title: ЗМІ: Ердоган закликав G20 піти на деякі вимоги РФ щодо "зернової угоди"

Search URL Search Domain Scan URL

URL: https://www.radiosvoboda.org/a/news-stavka-zelenskyi/32585395.html
Title: На Ставці розглянули план захисту критичної інфраструктури від ударів РФ – Зеленський

Search URL Search Domain Scan URL

URL: https://agroportal.ua/news/novosti-kompanii/na-mikolajivshchini-pochali-kombaynami-zbirati-cibulyu-cherez-brak-pracivnikiv
Title: На Миколаївщині почали збирати цибулю комбайнами через брак працівників

Search URL Search Domain Scan URL

URL: https://kosatka.media/category/elektroenergiya/news/moldova-nadala-ukrajini-obladnannya-dlya-elektropostachannya
Title: Молдова надала Україні обладнання для електропостачання

Search URL Search Domain Scan URL

URL: https://finance.today.ua/uryad-maye-namir-skorotyty-nadbavky-do-zarplaty-vchyteliv/
Title: Уряд має намір скоротити надбавки до зарплати вчителів

Search URL Search Domain Scan URL

URL: https://meta.ua/uk/news/incidents/87117-politsiya-viyavila-v-ukrayini-80-kativen-ta-mists-nesvobodi-de-okupanti-znuschalis-nad-mirnimi-zhitelyami/
Title: Поліція виявила в Україні 80 катівень та місць несвободи, де окупанти знущались над мирними жителями

Search URL Search Domain Scan URL

URL: https://internetua.com/u-vinnici-p-yanii-huligan-za-odnu-nics-rozbiv-12-priparkovanih-avto
Title: У Вінниці пʼяний хуліган за одну ніч розбив 12 припаркованих авто

Search URL Search Domain Scan URL

URL: https://vgolos.ua/news/u-lvovi-p-yaniy-vodiy-skoyiv-dtp-foto_1439735.html
Title: У Львові п'яний водій скоїв ДТП (фото)

Search URL Search Domain Scan URL

URL: http://magnolia-tv.com/news/95641-politseyski-vykryly-cherhovyy-shakhrayskyy-call-tsentr-u-holosiyivskomu-rayoni-kyyeva?prov=ukrnet
Title: Поліцейські викрили черговий шахрайський call-центр у Голосіївському районі Києва

Search URL Search Domain Scan URL

URL: https://regionews.ua/ukr/news/donetchina/1694255355-sud-vinis-viroki-p-yati-boyovikam-yaki-voyuvali-v-rayoni-bahmuta-i-mariupolya
Title: Суд виніс вироки п'яти бойовикам, які воювали в районі Бахмута і Маріуполя

Search URL Search Domain Scan URL

URL: https://regionews.ua/ukr/news/lvovshchina/1694258923-do-lvova-priyihav-eks-prem-er-britaniyi-boris-dzhonson
Title: До Львова приїхав екс-прем'єр Британії Борис Джонсон

Search URL Search Domain Scan URL

URL: https://espreso.tv/daniya-vzyala-u-trokh-muzeyakh-leopard-1-dlya-navchannya-ukrainskikh-viyskovikh
Title: Данія взяла у трьох музеях Leopard 1 для навчання українських військових

Search URL Search Domain Scan URL

URL: https://expres.online/podrobitsi/potuzhniy-zemletrus-u-marokko-vzhe-zabrav-zhittya-ponad-800-lyudey-mzs-pereviryae-chi-e-sered-nikh-ukraintsi
Title: Потужний землетрус у Марокко вже забрав життя понад 800 людей. МЗС перевіряє, чи є серед них українці

Search URL Search Domain Scan URL

URL: https://life.ukrainianwall.com/uk/107717-viyskoviy-oblik-ta-mobilizaciya-zhinok-nardep-rozpoviv-do-chogo-gotuvatisya
Title: В Раді пояснили, чи обмежать українкам виїзд за кордон

Search URL Search Domain Scan URL

URL: https://tsn.ua/ukrayina/odesiti-viyshli-na-akciyu-protestu-proti-tenderiv-na-rekonstrukciyu-budivel-sudu-ta-teatru-2406541.html
Title: Одесити вийшли на акцію протесту проти тендерів на реконструкцію будівель суду та театру

Search URL Search Domain Scan URL

URL: https://www.ostro.org/news/u-kyyevi-poproshhalysya-z-ukrayinskym-vchenym-ta-religiyeznavtsem-igorem-kozlovskym-i435783
Title: У Києві попрощалися з українським вченим та релігієзнавцем Ігорем Козловським

Search URL Search Domain Scan URL

URL: https://vechirniy.kyiv.ua/news/88028/
Title: На Дарниці провели аукціон на підтримку штурмової бригади

Search URL Search Domain Scan URL

URL: https://kyivschina24.com/news/ryatuvav-koleg-u-gostomeli-u-kyyevi-poproshhalysya-iz-nadzvychajnykom-yakyj-zagynuv-u-pershyj-den-povnomasshtabnoyi-vijny/
Title: Рятував колег у Гостомелі: у Києві попрощалися із надзвичайником, який загинув у перший день повномасштабної війни

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154937-u-kyievi-dyrektora-pidpryiemstva-pidozruut-u-nezakonomu-vydobutku-korysnykh-kopalyn.html
Title: У Києві директора підприємства підозрюють у незаконному видобутку корисних копалин

Search URL Search Domain Scan URL

URL: https://mykyivregion.com.ua/news/ministr-zakordonnix-sprav-yaponiyi-pribuv-u-bucu-foto
Title: Міністр закордонних справ Японії прибув у Бучу (ФОТО)

Search URL Search Domain Scan URL

URL: https://gsminfo.com.ua/152437-radeon-rx-7700-xt-protestuvaly-u-15-igrah-vid-1080p-do-4k.html
Title: Radeon RX 7700 XT протестували у 15 іграх: від 1080p до 4K

Search URL Search Domain Scan URL

URL: https://prostomob.com/uk/166353-novynka-vid-xiaomi-masazhne-krislo-z-intelektualnymy-funkcziyamy
Title: Новинка від Xiaomi: масажне крісло з інтелектуальними функціями

Search URL Search Domain Scan URL

URL: https://portaltele.com.ua/news/companies/x-mozhe-pokazuvaty-korystuvacham-na-svoyij-platformi-reklamu-bez-mitok.html
Title: X може показувати користувачам на своїй платформі рекламу без міток

Search URL Search Domain Scan URL

URL: https://ilenta.com/uk/news/misc/misc_6047.html
Title: Представлено робот-пилосос Xiaomi Robot Vacuum E10C з потужністю всмоктування 3500 Па

Search URL Search Domain Scan URL

URL: https://internetua.com/ukrayinski-hakeri-zmusili-csinovnikiv-dnr-sluhati-gimn-ukrayini-i-pisnua-batko-nash-bandera-video
Title: Українські хакери змусили чиновників "ДНР" слухати гімн України і пісню "Батько наш Бандера". Відео

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/09/pyat-velikix-astero%d1%97div-nablizhayutsya-do-zemli-2
Title: П’ять великих астероїдів наближаються до Землі

Search URL Search Domain Scan URL

URL: https://cikavosti.com/fiziki-vpershe-sposterigali-beta-rozpad-atomnogo-iadra-na-chotiri-chastinki/
Title: Фізики вперше спостерігали бета-розпад атомного ядра на чотири частинки

Search URL Search Domain Scan URL

URL: https://internetua.com/vcseni-viyavili-novu-pricsinu-viniknennya-starecsogo-nedoumstva-ta-hvorobi-alcgeimera
Title: Вчені виявили нову причину виникнення старечого недоумства та хвороби Альцгеймера

Search URL Search Domain Scan URL

URL: https://nnews.com.ua/sobachyj-mozok-vyyavlyaye-osoblyvu-pryhylnist-do-zhinochyh-golosiv-doslidzhennya.html
Title: Собачий мозок виявляє особливу прихильність до жіночих голосів, – дослідження

Search URL Search Domain Scan URL

URL: https://t4.com.ua/science/paleontology-opysaly-novyj-vyd-gigantskyh-dynozavriv/
Title: Палеонтологи описали новий вид гігантських динозаврів

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/09/v-ukra%d1%97ni-zyavivsya-potuzhnij-elektromobil-iz-velicheznim-zapasom-xodu-foto
Title: В Україні з’явився потужний електромобіль із величезним запасом ходу (фото)

Search URL Search Domain Scan URL

URL: https://garage.hyser.com.ua/uk/193946-eto-ochen-bolshaya-oshibka-pochemu-nelzya-ostavlyat-mashinu-s-vyvernutymi-kolesami
Title: Названа причина, через яку не можна залишати автомобіль з вивернутими колесами

Search URL Search Domain Scan URL

URL: https://autotheme.info/news/203129-odin-iz-najpopulyarnishih-avtomobiliv-v-ukrayini-viznano-najbilsh-nenadijnim.html
Title: Один із найпопулярніших автомобілів в Україні визнано найбільш ненадійним

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/bmw-peredumala-prodavati-pidpisku-na-pidigriv-sidin-50352166.html
Title: Ідея провалилася. BMW відмовилася від продажу підписки на підігрів сидінь

Search URL Search Domain Scan URL

URL: https://internetua.com/v-ukrayini-pomitili-avtomobil-analogiv-yakomu-nemaye-u-sviti
Title: В Україні помітили автомобіль, аналогів якому немає у світі

Search URL Search Domain Scan URL

URL: http://sport.ua/uk/news/641519-konoplya-nalashtovani-pokazuvati-agresiyu-z-pershih-hvilin-matchu-z-angliieyu
Title: КОНОПЛЯ: «Налаштовані показувати агресію з перших хвилин матчу з Англією»

Search URL Search Domain Scan URL

URL: https://toughathletics.com.ua/2023/09/09/nizkiy_puls23/
Title: Низький Пульс: Про бігові івенти цієї осені

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/maguchih-i-shche-p-yat-ukrayinok-vidibralisya-1694259003.html
Title: Магучіх і ще п'ять українок відібралися у фінал сезону Діамантової ліги

Search URL Search Domain Scan URL

URL: https://terrikon.com/uk/posts/452237
Title: Петраков: Нічия з Туреччиною – оптимальний результат для Вірменії

Search URL Search Domain Scan URL

URL: http://ukrbasket.net/news/latvya--litva-vdeotranslyacya-matchu-chemponatu-svtu
Title: Латвія — Литва: відеотрансляція матчу чемпіонату світу

Search URL Search Domain Scan URL

URL: https://news.uaportal.com/ukr/section-news/news-vrachi-nazvali-samyij-poleznyij-dlya-organizma-ovosch-vyi-budete-udivlenyi-09-09-2023.html
Title: Лікарі назвали найкорисніший для організму овоч: ви будете здивовані

Search URL Search Domain Scan URL

URL: http://storinka.com.ua/ukr/2023/09/ucenye-nasli-pricinu-sindroma-vnezapnoj-smerti-mladencev/
Title: Вчені знайшли причину синдрому раптової смерті немовлят

Search URL Search Domain Scan URL

URL: https://womanlife.kyiv.ua/zdorovya/7-oznak-togo-shho-nashe-tilo-stariye-duzhe-shvidko/
Title: 7 ознак того, що наше тіло старіє дуже швидко

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/145998-likaro-nkolog-ozvuchyv-osnovnu-oznak-agresnogo-raku-shlunka.html
Title: Лікар-онколог озвучив основну ознаку агресивного раку шлунка

Search URL Search Domain Scan URL

URL: https://beautytips.kyiv.ua/novini/yaki-medichni-analizi-zhinkam-potribno-zdavati-shhorichno/
Title: Які медичні аналізи жінкам потрібно здавати щорічно

Search URL Search Domain Scan URL

URL: https://pravdatutnews.com/lifestyle/2023/09/09/29319-film-fotofobiya-otrymav-pryz-europa-cinemas-label-award
Title: Фільм "Фотофобія" отримав приз Europa Cinemas Label Award

Search URL Search Domain Scan URL

URL: https://woman24.kyiv.ua/shou-biznes/liliya-rebrik-pohizuvalasya-shhedrim-vrozhayem-z-vlasnogo-gorodu-2/
Title: Лілія Ребрик похизувалася щедрим врожаєм з власного городу

Search URL Search Domain Scan URL

URL: https://womanlife.kyiv.ua/shou-biznes/dmitro-stupka-yakij-prozhivaye-u-ssha-rozpoviv-pro-novij-etap-u-svoyemu-zhitti/
Title: Дмитро Ступка, який проживає у США, розповів про новий етап у своєму житті

Search URL Search Domain Scan URL

URL: https://ua-vestnik.com/shoubiz/sofi-terner-i-dzho-dzhonas-vpershe-prokomentuvali-svoye-rozluchennya.html
Title: Софі Тернер і Джо Джонас вперше прокоментували своє розлучення

Search URL Search Domain Scan URL

URL: https://novosti24.kyiv.ua/shou-biznes/florens-p-8217-yu-v-merezhivnij-prozorij-sukni-z-8217-yavilasya-na-tseremoniyi-elle-style-awards-2023/
Title: Флоренс П’ю в мереживній прозорій сукні з’явилася на церемонії Elle Style Awards 2023

Search URL Search Domain Scan URL

URL: https://espreso.tv/v-baltiyskomu-mori-kraini-nato-pochali-masshtabni-navchannya-dlya-vidbittya-rosiyskogo-napadu
Title: В Балтійському морі країни НАТО відпрацьовують імовірний контрудар по росіянах

Search URL Search Domain Scan URL

URL: https://flot2017.com/severnaya-koreya-gotova-zakljuchit-soglashenie-s-rf-o-postavkah-oruzhiya-ft/
Title: Северная Корея готова заключить соглашение с рф о поставках оружия — FT

Search URL Search Domain Scan URL

URL: https://ukranews.com/ua/news/954684-mizh-sluzhboyu-zovnishnoyi-rozvidky-ta-gru-minoborony-rf-rozgornulasya-borotba-za-spadshhynu
Title: Між Службою зовнішньої розвідки та ГРУ Міноборони РФ розгорнулася боротьба за спадщину Пригожина

Search URL Search Domain Scan URL

URL: https://tsn.ua/svit/u-rf-znovu-zayavili-pro-obstril-byelgorodskoyi-oblasti-2406538.html
Title: У РФ знову заявили про обстріл Бєлгородської області

Search URL Search Domain Scan URL

URL: https://ukrrudprom.com/digest/ES_vospolzuetsya_otsutstviem_liderov_Rossii_i_Kitaya_na_sammite_G20_chtobi_zadrugitsya_s_Afrikoy.html
Title: ЕС воспользуется отсутствием лидеров России и Китая на саммите G20, чтобы задружиться с Африкой

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/09/cucenya-stalo-zirkoyu-merezhi-rozigravshi-gospodarya-video-4
Title: Цуценя стало зіркою Мережі, розігравши господаря (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154914-u-zhinochomu-kvartali-vismijli-odnookogo-arestuovicha.html
Title: У програмі "Жіночий квартал" зробили гумор на тему одноокого Арестовича

Search URL Search Domain Scan URL

URL: https://vlasti.net/news/359795
Title: Лавров ледь не впав на червоній доріжці саміту G20 в Індії

Search URL Search Domain Scan URL

URL: https://internetua.com/u-tehasi-viyavili-kishku-yaka-krade-recsi-u-svoyih-susidiv
Title: У Техасі виявили кішку, яка краде речі у своїх сусідів

Search URL Search Domain Scan URL

URL: https://useti.org.ua/lifestyle/najtovstishij-kit-u-sviti-siv-na-diyetu-foto/
Title: Найтовстіший кіт у світі сів на дієту (ФОТО)

Search URL Search Domain Scan URL

URL: https://tsn.ua/glamur/stiven-fray-vidtvoriv-legendarne-foto-oleni-zelenskoyi-yake-sprichinilo-skandal-2406544.html
Title: Стівен Фрай відтворив легендарне фото Олени Зеленської, яке спричинило скандал

Search URL Search Domain Scan URL

URL: https://gordonua.com/ukr/news/war/na-samiti-pershikh-ledi-ta-dzhentlmeniv-medustanovi-ukrajini-ta-inshikh-krajin-uklali-25-memorandumiv-pro-partnerstvo-vp-1680327.html
Title: На саміті перших леді та джентльменів медустанови України та інших країн уклали 25 меморандумів про партнерство – ОП

Search URL Search Domain Scan URL

URL: https://flot2017.com/podarok-ot-vsu-v-nebe-nad-doneckom-poyavilsya-ukrainskij-flag-video/
Title: Подарок от ВСУ: в небе над Донецком появился украинский флаг — видео

Search URL Search Domain Scan URL

URL: https://informator.ua/uk/chorniy-veresen-velikobritaniya-v-pershu-richnicyu-smerti-yelizaveti-ii
Title: Чорний вересень. Великобританія в першу річницю смерті Єлизавети II

Search URL Search Domain Scan URL

URL: https://news24.in.ua/shou-biz/yeva-longoriya-podililasya-foto-v-kupalniku.html
Title: Єва Лонгорія поділилася фото в купальнику

Search URL Search Domain Scan URL

URL: https://mil.co.ua/tos-1a/
Title: Нацгвардійці 27-ї бригади на Сході знищили смертоносний російський ТОС-1А (Відео)

Search URL Search Domain Scan URL

URL: https://kriminal.tv/news/ukrajinskij_bezpilotnik_shark_dopomig_znischiti_pjat_rosijskih_zrk_buk_video.html
Title: Український безпілотник Shark допоміг знищити п’ять російських ЗРК “Бук” (Відео)

Search URL Search Domain Scan URL

URL: https://censor.net/ua/video_news/3442451/vodolazy_ta_vybuhotehniky_vms_zs_ukrayiny_proyishly_navchannya_u_velykiyi_brytaniyi_video
Title: Водолази та вибухотехніки ВМС ЗС України пройшли навчання у Великій Британії. ВIДЕО

Search URL Search Domain Scan URL

URL: https://novosti-n.org/ua/ukraine/Zolotystyj-retriver-u-basejni-zmusyv-usih-jomu-zazdryty-VIDEO--306892
Title: Золотистий ретрівер у басейні змусив усіх йому заздрити (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://www.epochtimes.com.ua/novyny-svitu/kuba-zaareshtuvala-17-osib-za-verbuvannya-do-rosiyskoyi-armiyi-video-153871
Title: Куба заарештувала 17 осіб за вербування до російської армії (ВІДЕО)

Search URL Search Domain Scan URL

URL: https://ua-vestnik.com/lifestyle/5-idej-yak-oformiti-domashnyu-biblioteku.html
Title: 5 ідей, як оформити домашню бібліотеку

Search URL Search Domain Scan URL

URL: https://dailynews.kyiv.ua/lifestyle/spalnya-po-fen-shuj-5-sposobiv-zaluchiti-simejne-shhastya/
Title: Спальня по фен-шуй: 5 способів залучити сімейне щастя

Search URL Search Domain Scan URL

URL: https://useti.org.ua/lifestyle/lajfhak-vid-farmatsevtiv-yakij-dozvolit-ne-natirati-nogi-v-novomu-vzutti/
Title: Лайфхак від фармацевтів, який дозволить не натирати ноги в новому взутті

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/154926-yak-zmenshyty-namerzannia-lodu-v-kholodylnyku.html
Title: Як зменшити намерзання льоду в холодильнику

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/09/chotiri-sposobi-xudnuti-pid-chas-snu-prosti-poradi-dlya-garno%d1%97-figuri
Title: Чотири способи худнути під час сну: прості поради для гарної фігури

Search URL Search Domain Scan URL

URL: https://odnaminyta.com/reczepti/263102-skilky-ne-spechit-sim-ya-vporayetsya-z-czym-desertom-za-hvylynu-legendarnyj-slyvovyj-pyrig-pyshnyj-i-solodkyj?utm_source=ukr.net
Title: Легендарний сливовий пиріг: пишний і солодкий десерт. Добавка знадобиться гарантовано

Search URL Search Domain Scan URL

URL: https://prostoway.com/55830-navishho-pid-chas-varinnya-lisovyh-grybiv-dosvidcheni-gospodyni-dodayut-czilu-czybulynu-malo-hto-znaye-pro-cze
Title: Навіщо під час варіння лісових грибів досвідчені господині додають цілу цибулину

Search URL Search Domain Scan URL

URL: https://internetua.com/recept-aromatnogo-biskvitnogo-keksu-z-yagodami
Title: Рецепт ароматного бісквітного кексу з ягодами

Search URL Search Domain Scan URL

URL: https://mysugar.media/aktual-no/vermishel-shirataki-z-kurkoyu-diyetichnij-recept-10320196.html
Title: Вермішель Ширатакі з куркою — дієтичний рецепт

Search URL Search Domain Scan URL

URL: http://tykyiv.com/food/vinnii-etiket/
Title: Правила винного етикету: поради гастроекспертки

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: https://avtoapteka.net.ua/ua/akkumuljatory/avtomobilnye-akkumuliatory/electron/
Title: Акумулятори Electron

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://ukrguma.com.ua/poroshkove-farbuvannya/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: CR-V Hybrid в наявності

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Toyota_center_odessa_vidi_palmira-1038/#Id=7316;event=news;_page=news_item;tab=news_tab;ajax=1
Title: Toyota з вигодою до -5%

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.aks.ua/uk/
Title: Мобільні аксесуари

Search URL Search Domain Scan URL

URL: https://sotnyk.net/ua/teplovizory/
Title: Військові тепловізори

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2023_09_07_manual_3gr.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTh8MTM4NzJ8ODAuMjU1LjcuMTA4fDU4MTU5NjYyfDE2OTQyNTk4MTV8M2VlMTM0M2M1YTE2OTNhNTAyOTAyZmQ3N2MyMjNiYWF8MzMz&vid=71082443088424&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTh8MTM4NzJ8ODAuMjU1LjcuMTA4fDcyODEyMjk5fDE2OTQyNTk4MTV8M2JmNGU3YjBkMzE1OGM5ZTIyMTc2YzBjMzY2YWE1ODR8MzMz&vid=71082443088424

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTh8MTM4NzJ8ODAuMjU1LjcuMTA4fDcyODEyMjk1fDE2OTQyNTk4MTV8MTMxOWRjYTJhYmQ3N2E3MjYwOTRhYzVjODNjNDViZTR8MzMz&vid=71082443088424

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=MTh8MTM4NzJ8ODAuMjU1LjcuMTA4fDcyODEyMzAwfDE2OTQyNTk4MTV8NjBmZTYzN2ViNTc3MzQ5MDM5NTg2OWI3NWIzOGVhYjR8MzMz&vid=71082443088424

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.ukr.net&utm_medium=referral&utm_campaign=widgets&utm_content=1516465

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16984742/i/57848155/0/pp/1/1?h=veRkzp1r9aJVKrNOpi1VAKTra8y3cqBmrovrK-pDQ_-XflgMblEgzNKVEeWM3eW-01soLlG5wMkeOarczhDZmw**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17138815/i/57848155/0/pp/2/1?h=veRkzp1r9aJVKrNOpi1VAJQH0fTdUyoyT2XCQuqFJhKwk-P7oV9a1XS7sEAvJzQjOZRDhTLDPNjhZ_hOS9iMAw**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17139270/i/57848155/0/pp/3/1?h=veRkzp1r9aJVKrNOpi1VAHxp-a-p2HLcCa_zES7Yd_QTqTG5vlxvF64biG522KqzI39F3TVapoAmhEF28I2okA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16484518/i/57848155/0/pp/4/1?h=veRkzp1r9aJVKrNOpi1VANDApxJC_w9t5SEI7Q302Xcs5uNrhUhOycknwjpcYJJsycCddr_hdioL7ps4OKP6BA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15991980/i/57848155/0/pp/5/1?h=veRkzp1r9aJVKrNOpi1VAMUC0jxMch82uPHH2zEIez8p30vHD-sxEY4XvvgoDh2Fy0itBO4btSf9gJDTDDrVHQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16067134/i/57848155/0/pp/6/1?h=veRkzp1r9aJVKrNOpi1VADlnwpg14K_B6eemxV4GvSAjsaZPACMzwxsyD3pH-Rtl7C31c-EqiR7ntvH8BIlXBA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15746237/i/57848155/0/pp/7/1?h=veRkzp1r9aJVKrNOpi1VAAvAWpdwaY5QyPGBrFSKB_53-YATN3laxDW5ymPhfoe9-O9JL5c9ACsz9alQ4VqnXA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17093998/i/57848155/0/pp/8/1?h=veRkzp1r9aJVKrNOpi1VAJvKQuvr5P5xeq9l1n3iO09fn8mSu9K_hmK9J_oItCgxnkHkrqx7CZzv3gppnQqvOw**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16853162/i/57848155/0/pp/9/1?h=veRkzp1r9aJVKrNOpi1VANW5RapJH0MV2ymMzKIwmHaZC_r2rbha8biN_E8AEeCLsP6a2ONzJc1F3mq7XNiXYg**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16973567/i/57848155/0/pp/10/1?h=veRkzp1r9aJVKrNOpi1VAB3X6OpZEGxDISi474cnhbpRW4Ke5_zakBThBnbnKk37SnavBaBmsJgtfLIo64IQfQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15340605/i/57848155/0/pp/11/1?h=veRkzp1r9aJVKrNOpi1VAP_x6QjPaplIFxQ3ZCmZIu42befojp6Jzqf2r44HIhzNyD-7Y9SHCC4ZG6eQ8WlvRA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17131312/i/57848155/0/pp/12/1?h=veRkzp1r9aJVKrNOpi1VADmfWAv1df5HUYnuQSAJSVvvZWHAG4yGD3qaYdyiqzrzyCdX_IWgTNfbCFtVjL5cIA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16675892/i/57848155/0/pp/13/1?h=veRkzp1r9aJVKrNOpi1VAPcWnLLRoC5aRwUasMPEtBb670GMpfZ36D0ChXEPIB3aIf3RFA28oA2Q5FP2YDZGGg**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17139402/i/57848155/0/pp/14/1?h=veRkzp1r9aJVKrNOpi1VAC1eNZiFreghMEUWvAYDpl_rVo7s3Jk2yCUxpEct0nBsw2CbCiK3W1cmgIlZKgVFaw**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16973561/i/57848155/0/pp/15/1?h=veRkzp1r9aJVKrNOpi1VAMdWU4PkXYAoZae1JqxblJgX9v3fNe3C-d8lnQaLyMcevaev9Kc_sRFGJaw_4ZA8aA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16853275/i/57848155/0/pp/16/1?h=veRkzp1r9aJVKrNOpi1VACBG9zsZHyp_swbkiCQlDBVm8OdAXN-4eOJcd-x5kPMS3WNLgDrDEGufLNmxEClmCQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16853267/i/57848155/0/pp/17/1?h=veRkzp1r9aJVKrNOpi1VAAsQ0mTclZmhEeOxNTYm1H86ydYlh4vzHpj0JCWK0YphpEBTYuq2XS0ocDHa14S5QQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17155670/i/57848155/0/pp/18/1?h=veRkzp1r9aJVKrNOpi1VAAZyEQgJZtgJ0wnL5rD9loT68iKSLTD7RZvx9o6xBgfzvqzrmm-YQtnmnQDZLLXcCg**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16973555/i/57848155/0/pp/19/1?h=veRkzp1r9aJVKrNOpi1VAEKdsNIwoUtxiiYD75PE8KixIuGFVNk-tO2DxSkRFcBXOwaQkwMDiLdk8Iobkk3IMw**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16217843/i/57848155/0/pp/20/1?h=veRkzp1r9aJVKrNOpi1VAPEWp4fPvF5IrI8L-pR-_2K3plhm4X1NDtynqQIkkORmuCnsiZ4Ac0v4n7uZRIb5Ug**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16853266/i/57848155/0/pp/21/1?h=veRkzp1r9aJVKrNOpi1VAGJSVCutd-G7AlFnJMOAmWp1PUlOT8PlcvcoYuEpdx5peAFim4uRv5FAgK3ZN_qFUQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16791609/i/57848155/0/pp/22/1?h=veRkzp1r9aJVKrNOpi1VADS11yGz88MTrYXUfp4-pHM6nLPU7aI7YlpiDnT9BLEVoJK0r_D4AQMu6AgDyAUArQ**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16429882/i/57848155/0/pp/23/1?h=veRkzp1r9aJVKrNOpi1VAIhGjccp7PIPkqd3vOyRKjWIuW72mrVFKySrfOvdGcdXIH2kp8gd5jvPEorAGG6FbA**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16653263/i/57848155/0/pp/24/1?h=veRkzp1r9aJVKrNOpi1VAPZTMenLLS8vYIYmarC55ifl-o-bLypwiSuTfuKBmtM4XwjqyFPaPzHtfp32DMu67w**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16830559/i/57848155/0/pp/25/1?h=veRkzp1r9aJVKrNOpi1VAIhB23pv6mCZPjmzWoywRADiHcRkah-GyjErezXekihcTnEVPNCEv3RcoKSJ8Ui-Mg**&rid=1c3b2672-4f06-11ee-8630-e43d1a2a04aa&tt=Direct&att=3&cpm=1&iv=11&ct=1&gdprApplies=1&st=120&mp4=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 91

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cLOmXnxJRjFsbVovTFgyQ0pBSVAyMWJaRnRvK004dVhkVVhGRVd0N0JxNXlDRWcvNERKTERHbzl4Y1ZMQWhrdjR6cVJ6YmNyWmZrMzRFU2RIUkRVYUY0ckdmK1VONld5Y0YzOHlCZWU1Ym45UW52Vi9pS2hCTnRpYVk5WnNKV0hOTWlIWUN2c2V4MmxPa1FLM2ZJdmN6bHFPYlBwL2RxSVUyRzhnMkIvbFJyUU9MeERZYUtQTE5oR3NybDcxeXJ3MWFtbTRrRlNUNXZ5WGJyT3RzZzg1bGV4RW1PdlRaYXFrWVJLbExHZVpVcU85akJuVjBXN1FVVjJxeTZ6ZFhGR1VQeG55aXBaN0orL3ozRWdKbkw0b0JkYXRCUT09fA&cppv=2

Request Chain 128

https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D HTTP 308
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz&gpp={gpp}&gpp_sid={gpp_sid}

Request Chain 129

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=171cc60a-81f3-47b9-a6c2-45798fbbc4c1

Request Chain 131

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=769d183167a8f7db

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPxaaLHa2vOzo0fBXXSk0wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPxaaLHa2vOzo0fBXXSk0wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

Request Chain 203

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 220

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 233

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235

253 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://ukr.net/
https://ukr.net/
https://www.ukr.net/

166 KB
43 KB

74ms
54ms

Document
text/html

104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e95fb8bfee158f6f8ac0d62fe38f969d46d351cd4a31e7a3b6248cdbf485f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 803f2ca169dc3732-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 09 Sep 2023 11:43:34 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 803f2ca0e94c3732-FRA
content-type: text/html
date: Sat, 09 Sep 2023 11:43:34 GMT
location: https://www.ukr.net/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1692357341/ 1 KB
757 B 152ms
49ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 1902383
etag: W/"64df52f2-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 803f2ca2685a4daa-FRA
expires: Sun, 08 Sep 2024 11:43:34 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 195ms
93ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 803f2ca2685c4daa-FRA
expires: Sun, 08 Sep 2024 11:43:34 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/6/portal/ 44 KB
8 KB 152ms
50ms Stylesheet
text/css 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/6/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 12:31:02 GMT
server: cloudflare
age: 5294445
etag: "6481ca06-204a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 803f2ca2685e4daa-FRA
content-length: 8266
expires: Sun, 08 Sep 2024 11:43:34 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 56ms
55ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 09 Sep 2023 10:18:36 GMT
server: cloudflare
age: 5098
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 803f2ca1ca4d3732-FRA
x-xss-protection: 1; mode=block
expires: Sat, 09 Sep 2023 15:43:34 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/4/portal/ 167 KB
51 KB 156ms
54ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 14:23:02 GMT
server: cloudflare
age: 5294445
etag: "6474b546-cc89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 803f2ca268604daa-FRA
content-length: 52361
expires: Sun, 08 Sep 2024 11:43:34 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/10/portal/ 61 KB
17 KB 154ms
52ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/10/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Jun 2023 10:06:02 GMT
server: cloudflare
age: 5294445
etag: "649d578a-42fb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 803f2ca268624daa-FRA
content-length: 17147
expires: Sun, 08 Sep 2024 11:43:34 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 69ms
57ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 280141
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 803f2ca31bbf3732-FRA
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 970x90.png
upst.fwdcdn.com/img/ 3 KB
3 KB 49ms
46ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/970x90.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 372148
etag: "6447ce22-cd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca319004daa-FRA
content-length: 3283
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 logo_ua1f9545c758df14d0288816db4f8e7978.gif
upst.fwdcdn.com/temp/holidays/12778/ 37 KB
38 KB 54ms
51ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12778/logo_ua1f9545c758df14d0288816db4f8e7978.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b099485a49362be50208d96bd900ecbaf09152a4ff1e6dece8a8034da85adf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Sep 2023 11:31:00 GMT
server: cloudflare
age: 708
etag: "64fc5774-95da"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 803f2ca329054daa-FRA
content-length: 38362
expires: Sat, 09 Sep 2023 15:43:34 GMT

GET
H2 200 title_img_ua1f9545c758df14d0288816db4f8e7978.gif
upst.fwdcdn.com/temp/holidays/12778/ 1 KB
2 KB 51ms
48ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12778/title_img_ua1f9545c758df14d0288816db4f8e7978.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec9696d94312cc2fb79d20e6f310d4f0a9b14cb628d796122cce7bb6ba1270e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Sep 2023 11:31:00 GMT
server: cloudflare
age: 708
etag: "64fc5774-5d6"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 803f2ca329064daa-FRA
content-length: 1494
expires: Sat, 09 Sep 2023 15:43:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
62 KB 159ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70ba49d5509b7e980ba4bb0fee7d967c20b0e938fabd654e7c5d0052fb470fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63560
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Sep 2023 11:43:35 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 49ms
46ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 455302
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca329074daa-FRA
content-length: 4404
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 59ms
56ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 455545
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca329084daa-FRA
content-length: 4942
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 300x250.png
upst.fwdcdn.com/img/ 4 KB
4 KB 57ms
54ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x250.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 454518
etag: "6447ce22-e74"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca3290c4daa-FRA
content-length: 3700
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 300x145.png
upst.fwdcdn.com/img/ 3 KB
3 KB 51ms
49ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x145.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 455003
etag: "6447ce22-a9f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca3290e4daa-FRA
content-length: 2719
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 ukr.net.1516465.js Show response
jsc.mgid.com/u/k/ 3 KB
2 KB 174ms
60ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/u/k/ukr.net.1516465.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185b0192e3d43cc1cb4aa0cda4fc5d4e5af55d3479c46523fc544f2df1249496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-amz-version-id: 9nuJ7AbbeffV4KDe558sGLGyFoHfon3O
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: J27XG9EQ6MAJSH4B
age: 5125
cf-polished: origSize=2676
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gBPC4cVrSU+C7cNJ6/3xuHgZpNXP/ru1bfTKdTCG7uPOe1FMflhEm//aWtT6YXxdpACcYWkwmqunK2p+k0+snQ==
cf-bgj: minify
last-modified: Mon, 04 Sep 2023 12:20:51 GMT
server: cloudflare
etag: W/"d599a10b794c462d3bab36f0f5109a07"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 803f2ca3d8d341a0-LHR
expires: Sat, 09 Sep 2023 14:43:35 GMT

GET
H2 200 top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 5 KB
5 KB 57ms
55ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 455905
etag: "51b860f4-140f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca3290f4daa-FRA
content-length: 5135
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 email-decode.min.js Show response
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 41ms
41ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
server: cloudflare
etag: W/"64f73c7d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 803f2ca30ba53732-FRA
expires: Mon, 11 Sep 2023 11:43:34 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 176ms
90ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 803f2ca3ac95916a-FRA

GET
H2 200 hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470627/ 920 B
1 KB 147ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470627/hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Sep 2023 05:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 223
etag: W/"64f81226-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coVz1wRzjPxh27ly%2Frup0bcUVa297%2FY%2Bpww6Mrg%2FZrN%2Fg0%2Bg23AeLwR5c9ocyK0vO%2Bfeqs73FtvUatwBH%2BItveh997Xlj0elfjp7yUtfu4M848umCKCYzK455zwhPW27g6uRgRvrED3cGwjfVh85Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 803f2ca3be894d56-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Sep 2023 11:54:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 266ms
154ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d780fe7833d22f09c53c18cec8db2fe7abffd2dc9fe6a239dd586c895a12f538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29012
x-xss-protection: 0
server: cafe
etag: 58 / 19609 / m202309050101 / config-hash: 18345592501010170579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:35 GMT

GET
H2 200 wrapper_hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/470627/ 2 KB
1 KB 152ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/470627/wrapper_hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac039de7e2446e87ae20f3edd44c8a514b778cc9bab406c3fa860bb3856dd613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Sep 2023 05:46:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 737
etag: W/"64f81226-865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Upcp8HXqwqkG3EDh%2BGl1SfC1V%2BTk7DSx%2Fo2qXxTuLIEOzJKcjaPV8CjDvhj1FYhAhbA7qiClcyihgWVKVSgSqlfvv3UDIHudFbGZcj%2BsA84FdPsFl2q27XtNbNF2i%2BqVb5MbysIL6Z8RD8tURJhoFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 803f2ca3be8c4d56-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Sep 2023 11:46:18 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 131ms
43ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1694259814886
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.49:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk&theme=default
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

40ms
39ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sat, 09 Sep 2023 11:43:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4210.10.20.49:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sat, 09 Sep 2023 11:43:34 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 291A 15 KB
7 KB 174ms
39ms Document
text/html 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 09 Sep 2023 11:43:35 GMT
etag: W/"63c6f377-3b12"
expires: Sun, 10 Sep 2023 11:43:35 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
858 B 335ms
205ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery3000005698277468288104_1694259814872&_=1694259814873
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 8a43476162727606920013e3e64f4edf045396bfaa8b714f02936b0c8c91fd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 526 B
714 B 278ms
143ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery3000005698277468288104_1694259814874&_=1694259814875

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

ee5faab93f5af0d996c4a0c641a98397e145d74adc601c5c8cd896a8aea6693a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
127 B 46ms
45ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:34 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 455302
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca339204daa-FRA
content-length: 53
expires: Sat, 16 Sep 2023 11:43:34 GMT

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 3 KB
3 KB 132ms
43ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery3000005698277468288104_1694259814876&_=1694259814877

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

a6ad01153b80f37386fb6bbc1bb1e8c7930cc269ffd2fd38f65ed8b078547036

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Sat, 09 Sep 2023 11:43:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 127ms
39ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.4980309792505506&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 09 Sep 2023 11:43:34 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 314 B
704 B 117ms
39ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.6097639659761191&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 596b6da03de77e96d5c68699a98fc3ca288a7e8e2f187bb348c6efd01107702b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 09 Sep 2023 11:43:34 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 120ms
40ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.5358392495167821&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 09 Sep 2023 11:43:34 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 224ms
73ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=b52ebcfd903cd26d&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Sep 2023 11:43:35 GMT
server: openresty

GET
H2 200 hbp_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 463 KB
147 KB 173ms
51ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470627/hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c722d43155880ad69d2c7d6d7e603b15cecb2f1a7a3a1687cf11fdce7f869b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Mon, 11 Sep 2023 11:43:35 GMT
date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 12:00:59 GMT
server: nginx
etag: W/"64ec8c7b-73bec"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 hbw_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/1H3UH/ 164 KB
44 KB 295ms
176ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/470627/wrapper_hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aedb75fe293a072ae352d27cef42b8c4c0b6c9f8d4710bad966b84d93154ae7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Mon, 11 Sep 2023 11:43:35 GMT
date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 05:46:14 GMT
server: nginx
etag: W/"64f81226-28ec1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 ukr.net.1516465.es6.js Show response
jsc.mgid.com/u/k/ 323 KB
98 KB 64ms
62ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fefa7db3e097a36df3d497fb1bdd4aa5e5e5bd68f94886751725cba56cb67000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-amz-version-id: X31g_meYbA4NKWGkk0ihz.Zm5yvXXAbI
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RNMK8DHHCDTRWYA7
age: 3884
cf-polished: origSize=331087
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: omXTvaP7uhLpkMXPAgxaxTklJIh94celIwyj9lIWF79K3n7zkCvipk+oZEYRvZJgZ/KKJfaDWipWHbl+ieY88rRzO6XL2/2bzM3LFJe0ncU=
cf-bgj: minify
last-modified: Mon, 04 Sep 2023 12:20:51 GMT
server: cloudflare
etag: W/"d0dd9e2899ee7efbdd1564d7377ce13f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 803f2ca439b241a0-LHR
expires: Sat, 09 Sep 2023 14:43:35 GMT

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 42 KB
15 KB 50ms
50ms XHR
application/json 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05f0dc3604d64ab1ea8de3a19d4fab3bf24d7ac1beee3793e14e20d34392052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 803f2ca43d253732-FRA
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 291A 34 B
228 B 41ms
40ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 9a3464ecda7c0abe7f5e70a350fc3ba798ce89bdd8022e5caf49f385b4f79583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Sep 2023 11:43:35 GMT
cache-control: private, max-age=63115200
content-encoding: gzip
content-type: text/javascript;charset=utf-8
server: nginx
expires: Tue, 09 Sep 2025 02:43:35 +0300

GET
H2 200 1694259815121.html Show response
www.ukr.net/view/main/99677156,1140,2140,945,180,32,155,49,71,21,38,32,114,24,26,24,33,23,5,15,47,5,28,11,17,2,24,3,2,6,11,1,25,5,2,8,8,9,10,4,1,9,19,1,27,9,1,1,10,1,5,5,1,1,11,1,21,3,1,7,3,2,3,7,2... 0
89 B 51ms
50ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/view/main/99677156,1140,2140,945,180,32,155,49,71,21,38,32,114,24,26,24,33,23,5,15,47,5,28,11,17,2,24,3,2,6,11,1,25,5,2,8,8,9,10,4,1,9,19,1,27,9,1,1,10,1,5,5,1,1,11,1,21,3,1,7,3,2,3,7,2,8,1,2,3,1,8,2,1,6,1,1,1,1,2,4,2,26,16,7,2,3,1,5,9,3,13,5,2/1694259815121.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 803f2ca49d873732-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1692357341/ 3 KB
3 KB 47ms
47ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1692357341/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1692357341/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1692357341/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:16:02 GMT
server: cloudflare
age: 87826
etag: "64df52f2-b6b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca4baa84daa-FRA
content-length: 2923
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
335 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 455499
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 803f2ca4baaa4daa-FRA
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
317 B 54ms
53ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 454674
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 803f2ca4baac4daa-FRA
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
497 B 48ms
48ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 455729
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca4baae4daa-FRA
content-length: 398
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
265 B 47ms
47ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 455729
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca4bab04daa-FRA
content-length: 188
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92c7261fb8e96c85b2e3cd0bc6be6ea0345a53ff4a9c18ac6a79e52319230831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Sep 2023 11:43:35 GMT

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame 6D65 6 KB
2 KB 132ms
41ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 5b0e2f22457f534e4ba8ccba40ba6446783b910260d30cf7e867348f3f1e9d89

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sat, 09 Sep 2023 11:48:35 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 136ms
47ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.6097639659761191&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.6097639659761191&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=-120&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 09 Sep 2023 11:43:34 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 291A 0
490 B 45ms
45ms XHR
application/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp7d7tLcvGj83Rw&ver=230117-2113&w=200&h=0&vw=200&ms=66.1&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 11:43:35 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/javascript;charset=utf-8
hn: b11
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Sat, 09 Sep 2023 14:43:35 +0300

GET
BLOB 200
OK fedde498-2220-4ee3-9a4a-e39caa15cf9a
https://www.ukr.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ukr.net/fedde498-2220-4ee3-9a4a-e39caa15cf9a
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 5329e5c8-2151-4daf-9b1e-1756001d9ab3
https://www.ukr.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ukr.net/5329e5c8-2151-4daf-9b1e-1756001d9ab3
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71182
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 15:57:13 GMT

GET
H2 200 /
go.rcvlink.com/err/ Frame 291A 43 B
146 B 40ms
39ms Image
image/gif 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=124&text=!responseText&ref=
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx / PHP/7.4.33
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

hn: m1
date: Sat, 09 Sep 2023 11:43:35 GMT
cache-control: no-store
server: nginx
x-powered-by: PHP/7.4.33
content-type: image/gif

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 3DC8 2 B
99 B 40ms
39ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 42, 42127.0.0.1:8082
date: Sat, 09 Sep 2023 11:43:35 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 3DC8 11 KB
3 KB 40ms
39ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 16:06:36 GMT
server: nginx
etag: W/"64ef690c-2c24"
content-type: text/css
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Sat, 23 Sep 2023 11:43:35 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 3DC8 161 KB
44 KB 52ms
52ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 16:06:36 GMT
server: nginx
etag: W/"64ef690c-28496"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Sat, 23 Sep 2023 11:43:35 GMT

GET
H2 200 /
c.mgid.com/pv/ 43 B
114 B 78ms
69ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.ukr.net%2F&cbuster=1694259815248687745034&pvid=18a79c12350ae28ab9b&implVersion=11&cxurl=https%3A%2F%2Fwww.ukr.net%2Fua%2F&site=422574&i=1&scum=%3F0&scuw=%3F0
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 803f2ca58bc841a0-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 134ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3960&_p=1524669659&_gaz=1&cid=1689813985.1694259815&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694259815&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 164ms
49ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=1689813985.1694259815&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 186ms
66ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=1689813985.1694259815&gtm=45je3960&aip=1&z=1849871520

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 z Show response
s.zfctrack.net/ Frame 4AA6 102 B
450 B 250ms
112ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zfctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 1b37506b4565f0b91a0e424b8429599b241213ccf7fb24ec10bec71c81696740

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 6D65 11 KB
3 KB 39ms
39ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame 6D65 115 KB
38 KB 43ms
43ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame 6D65 43 B
232 B 41ms
41ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 1_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6D65 1 KB
1 KB 40ms
39ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/1_0.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-532"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1330
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102950159/ Frame 6D65 0
300 B 50ms
50ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102950159/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1694259814902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 9 Sep 2023 11:43:35 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 803f2ca62f2d3732-FRA
content-length: 0
expires: Sat, 9 Sep 2023 11:43:35 UTC

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 3DC8 58 KB
17 KB 43ms
43ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 16:06:36 GMT
server: nginx
etag: W/"64ef690c-e602"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Sat, 23 Sep 2023 11:43:35 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 3DC8 27 B
121 B 40ms
39ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?ae0b00db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4210.10.20.48:5080
date: Sat, 09 Sep 2023 11:43:35 GMT
server: nginx
content-length: 27
content-type: application/json

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame 6D65 408 KB
122 KB 53ms
52ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:47 GMT
server: cloudflare
age: 5294758
etag: "637656b3-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 803f2ca66cc54daa-FRA
content-length: 124649
expires: Sun, 08 Sep 2024 11:43:35 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6D65 149 B
339 B 40ms
38ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6D65 389 B
579 B 40ms
39ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 6D65 185 B
375 B 40ms
39ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Mon, 09 Oct 2023 11:43:35 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/742150/ 2 KB
1 KB 155ms
52ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b0a34d2179ffd44e649c1083e9bc28d795a410c65305b5e0ed861aa2db91bd53

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

expires: Mon, 11 Sep 2023 11:43:35 GMT
date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Sep 2023 12:02:28 GMT
server: nginx
etag: W/"64fb0d54-8af"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 150ms
56ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Sep 2023 11:43:35 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 139 B
406 B 378ms
114ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2ec1db4c300affbd4cb0847de5dc409dc0a4571fc6e67c33ac23904cbd2c51c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 377ms
114ms XHR
image/gif 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=byjsb3.ti&features=81952&vpbv=N173&lifecycle_tte=1133
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
25 KB 460ms
459ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=301487239759809&correlator=3767527388084275&eid=31077190&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694259815496&lmt=1694252615&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=1600x4797%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=1689813985.1694259815&ga_sid=1694259816&ga_hid=1524669659&ga_fc=true&dlt=1694259814666&idt=688&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=3371586687%2C216364347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d5d597eae7e1e1628e8f181365c152f9b1e4416e6d17fe11618cb244de277d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25867
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAF1 6 KB
3 KB 178ms
47ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame 6D65 555 KB
136 KB 47ms
47ms Script
application/x-javascript 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:48 GMT
server: cloudflare
age: 5294757
etag: "637656b4-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 803f2ca72d9d4daa-FRA
content-length: 138977
expires: Sun, 08 Sep 2024 11:43:35 GMT

GET
BLOB 206
Partial Content 35eb3cfc-a473-4148-a9bc-7ca637aed10d
https://www.ukr.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ukr.net/35eb3cfc-a473-4148-a9bc-7ca637aed10d
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
438 B 48ms
47ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 455729
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca74dc24daa-FRA
content-length: 318
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
10 KB 56ms
56ms Image
image/png 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 455001
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca74dc34daa-FRA
content-length: 10594
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
452 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 455498
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca74dc44daa-FRA
content-length: 365
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
555 B 47ms
46ms Image
image/svg+xml 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 201754
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca75dcb4daa-FRA
content-length: 470
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 46ms
46ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 454674
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca75dd84daa-FRA
content-length: 3045
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
366 B 58ms
58ms Image
image/svg+xml 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 279990
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca758ba3732-FRA
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 47ms
46ms Image
image/gif 2606:4700::6812:409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 455544
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 803f2ca75dde4daa-FRA
content-length: 6866
expires: Sat, 16 Sep 2023 11:43:35 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 68ms
57ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 4079
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 803f2ca78f1541a0-LHR
expires: Sun, 10 Sep 2023 11:43:35 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
885 B 65ms
54ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 7016
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 803f2ca78f1741a0-LHR
expires: Sun, 10 Sep 2023 11:43:35 GMT

GET
DATA 200
OK truncated
/ Frame 6D65 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2F2D 15 KB
6 KB 130ms
43ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 326805
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 1 Show response
servicer.mgid.com/1516465/ 28 KB
6 KB 134ms
124ms Script
application/x-javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1516465/1?mp4=1&ap=1&w=280&h=154&cols=25&sessionId=64fc5a68-09d17&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.ukr.net%2F&cbuster=1694259815668476033997&pvid=18a79c12350ae28ab9b&implVersion=11&cxurl=https%3A%2F%2Fwww.ukr.net%2Fua%2F&scum=%3F0&scuw=%3F0&uniqId=08fd3&niet=4g&nisd=false&pv=5&lct=1693785600&jsv=es6&pageView=1&dpr=1&ref=&tfre=1000
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359acae6e3cddd8463e2e471ce857462d4ca63c037c17b84d136c2e35062e57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 803f2ca81fb841a0-LHR
alt-svc: h3=":443"; ma=86400

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2F2D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=cLOmXnxJRjFsbVovTFgyQ0pBSVAyMWJaRnRvK004dVhkVVhGRVd0N0JxNXlDRWcvNERKTERHbzl4Y1ZMQWhrdjR6cVJ6YmNyWmZrMzRFU2RIUkRVYUY0ckdmK1VONld5Y0YzOHlCZWU1Ym45UW52Vi9pS2hCTnRpYVk5Wn...

417 B
652 B

186ms
51ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cLOmXnxJRjFsbVovTFgyQ0pBSVAyMWJaRnRvK004dVhkVVhGRVd0N0JxNXlDRWcvNERKTERHbzl4Y1ZMQWhrdjR6cVJ6YmNyWmZrMzRFU2RIUkRVYUY0ckdmK1VONld5Y0YzOHlCZWU1Ym45UW52Vi9pS2hCTnRpYVk5WnNKV0hOTWlIWUN2c2V4MmxPa1FLM2ZJdmN6bHFPYlBwL2RxSVUyRzhnMkIvbFJyUU9MeERZYUtQTE5oR3NybDcxeXJ3MWFtbTRrRlNUNXZ5WGJyT3RzZzg1bGV4RW1PdlRaYXFrWVJLbExHZVpVcU85akJuVjBXN1FVVjJxeTZ6ZFhGR1VQeG55aXBaN0orL3ozRWdKbkw0b0JkYXRCUT09fA&cppv=2

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1260d6a0055f2dc2d5378a8435cf2134787638d5b9c1d6782d7eb47e90a48b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1107816
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cLOmXnxJRjFsbVovTFgyQ0pBSVAyMWJaRnRvK004dVhkVVhGRVd0N0JxNXlDRWcvNERKTERHbzl4Y1ZMQWhrdjR6cVJ6YmNyWmZrMzRFU2RIUkRVYUY0ckdmK1VONld5Y0YzOHlCZWU1Ym45UW52Vi9pS2hCTnRpYVk5WnNKV0hOTWlIWUN2c2V4MmxPa1FLM2ZJdmN6bHFPYlBwL2RxSVUyRzhnMkIvbFJyUU9MeERZYUtQTE5oR3NybDcxeXJ3MWFtbTRrRlNUNXZ5WGJyT3RzZzg1bGV4RW1PdlRaYXFrWVJLbExHZVpVcU85akJuVjBXN1FVVjJxeTZ6ZFhGR1VQeG55aXBaN0orL3ozRWdKbkw0b0JkYXRCUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 303922
content-length: 0
expires: 0

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
184 B 64ms
62ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=136
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 803f2ca8eb7b369a-LHR
alt-svc: h3=":443"; ma=86400
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvODAwODUwL2YxMTVmN...
s-img.mgid.com/g/16984742/140x140/-/ 2 KB
3 KB 343ms
239ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16984742/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvODAwODUwL2YxMTVmNDhiZGMyY2ZjNDE5NzkzNzQwNTdjMDkwNjlmLmpwZw.webp?v=1694259815-ezPYol-IXVk6QrbWS-5q3EdpwsBG4gYuSjP-m4qqQ8c
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a36d42910c93a7fc26f5f534d5d2ed82c95d134c31dba91fb9efb4fc2c9fd1de

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 19:01:31 GMT
x-mg-request-uuid: 88ce3474-4f43-4c14-9a68-2003fb817b9d
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9c83693-LHR
content-length: 2546
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNzc3NDUxLzJlNDkxO...
s-img.mgid.com/g/16484518/140x140/-/ 2 KB
2 KB 361ms
257ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16484518/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNzc3NDUxLzJlNDkxODgyYmMwODFlMmJlNGNmNmYxMGFlMzA5NTI1LmpwZw.webp?v=1694259815-8Eo-maz_aynno6_y8uoxS7woemczscAL9-lF91ppcOw
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e06e0cb7ac3ffdf0124eea163c7b32860f7ba7c91369af7b7d35dd38b133513

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 16:02:57 GMT
x-mg-request-uuid: cd60aea0-fc47-4bc0-aa4c-e7cf1498a4cf
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9cb3693-LHR
content-length: 1894
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMzY5NDAzLzUxMDAxZ...
s-img.mgid.com/g/15991980/140x140/-/ 5 KB
5 KB 341ms
237ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15991980/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMzY5NDAzLzUxMDAxZDc1YjQ0YzkyYWY0OTRmOTdiM2RmNTViODgxLnBuZw.webp?v=1694259815-Cxv5M5ptG-to-3BmkqpfqCv9qHTYdqb3Fses71STrL4
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190bc627672de3cc9785502d0cb4a9a40d586bfc850ef8907722296bbc9a918b

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 18:08:04 GMT
x-mg-request-uuid: 727c3612-d4aa-4238-a86a-a80f23e9d46b
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9cd3693-LHR
content-length: 4738
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDQvNTMwNDUzL2FiYTVmM...
s-img.mgid.com/g/16067134/140x140/-/ 2 KB
2 KB 576ms
473ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16067134/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDQvNTMwNDUzL2FiYTVmMTdjNjhkZDY3Njc3MjA4OTcyMGRjNzBlZWUyLmpwZWc.webp?v=1694259815-4L8u8HV-gCcGLXj_4FPsVvwIGY9neGoW9rJhc7pfvNY
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf21a1ab2aca71be0848bd9175b37e5f87aca29677db1e8ee52017ea5891a9d

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: MISS
last-modified: Sat, 05 Aug 2023 22:15:34 GMT
x-mg-request-uuid: 42bb2b1d-1c26-4d4f-ac3d-ff734d0393c2
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9d03693-LHR
content-length: 1876
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMzY5NDAzLzBlNjI2M...
s-img.mgid.com/g/15746237/140x140/-/ 3 KB
4 KB 159ms
56ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15746237/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMzY5NDAzLzBlNjI2MzQ4MDY4MWQ1OGRjNjE2NTcxNmZlZTc4YTVjLmpwZWc.webp?v=1694259815-EJLwTDWdIXS_yJGQhLBafZBxSfg69Iks_vq8-1y_BoQ
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5fa28b473a1d228f1c0d0f051318a0967434cd44511e049e1fbf3c85dc19b7

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 21:28:40 GMT
x-mg-request-uuid: 72aaf9be-62a8-45de-a8dd-d2fadce84bda
server: cloudflare
age: 102616
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9d23693-LHR
content-length: 3286
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNzA0OTEwLzk2MTM5M...
s-img.mgid.com/g/17093998/140x140/-/ 3 KB
3 KB 349ms
246ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/17093998/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNzA0OTEwLzk2MTM5MTYzMDE0Yzk4MzYyODU1YjgyZTlhNDJlMDFjLmpwZw.webp?v=1694259815-95SYMkG3BO5Ka85rdkla3IOGbPWVL55ZOdi39YV_M1Y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a858cb09723dac629c6029452e05e81ad6e4dce1a7b559ffd83946739223dc81

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 10:52:17 GMT
x-mg-request-uuid: 91320ce2-a978-42bd-a21e-79742677e7f4
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9a9d43693-LHR
content-length: 2658
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvMzY2OTA0LzYyYmYwM...
s-img.mgid.com/g/16853162/140x140/-/ 2 KB
3 KB 57ms
56ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16853162/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvMzY2OTA0LzYyYmYwMTIwYTdhZTZiMTQxNDIzNjUwYzNiNjM3YTA0LmpwZWc.webp?v=1694259815-cxpakoBk8PqK23IYrV19H3KG936JasaHjFtjSdWwEBQ
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c28a5b8beaf3052e8ad420d0f15583c7d304287be200ce3e4226e219410fc7

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 09:16:14 GMT
x-mg-request-uuid: 1027df44-46f1-4084-a43d-dccec55d71ec
server: cloudflare
age: 102617
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa7e3693-LHR
content-length: 2352
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY5NDAzL2VlMjBhO...
s-img.mgid.com/g/16973567/140x140/-/ 4 KB
4 KB 252ms
250ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16973567/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY5NDAzL2VlMjBhODI2NTdjMzM5NTAyODYxNDc5YjdhNzg1ODQ3LmpwZw.webp?v=1694259815-bcZ0jA2Mns3Wd37I0-8UuuFmQd2B16SE5ykkgr8BEYc
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de524d38c4f4d3745561cb1c323762a33094df309be6c9a7bcca89b85b490c1

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Aug 2023 10:18:57 GMT
x-mg-request-uuid: 105e544c-cbfc-4411-a3f1-7682a358c4be
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa823693-LHR
content-length: 4248
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzgzMzg1L2EyYTE4M...
s-img.mgid.com/g/16675892/140x140/-/ 3 KB
3 KB 477ms
475ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16675892/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzgzMzg1L2EyYTE4MGRmMDFmYmYxNjYyMGRlNWZiNWEyZGE5ZGQ1LnBuZw.webp?v=1694259815-OnZwozOlKayum7_1nyRlx8nP_ArP_PdL2z78JAkljpg
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f1805ffcb12a0eef03832a0fbdae2021ec28588c62e1df4ca8db6874d6423f

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 10:57:47 GMT
x-mg-request-uuid: d06ea6f2-7f63-4427-8045-df91cfd67728
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa873693-LHR
content-length: 2612
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY2OTA0L2VmZDhiN...
s-img.mgid.com/g/16853275/140x140/-/ 2 KB
3 KB 59ms
57ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16853275/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvMzY2OTA0L2VmZDhiNmUyYjIyYjUyYjYxMGJkZmQ1NTFiOWMyNDM3LmpwZw.webp?v=1694259815-0OoYN8NgvpaPdepolYZA7yZK_kCA_75bF3BD5HJ-JLA
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b126218c91abc68da3f981744db0656f7251004d59e3cc8fd98fe14bb58eae

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 15:12:43 GMT
x-mg-request-uuid: 48faf00b-b911-4ec0-8b4b-fa67a04a9476
server: cloudflare
age: 102617
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa8c3693-LHR
content-length: 2282
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY2OTA0LzdiZGRhO...
s-img.mgid.com/g/16853267/140x140/-/ 3 KB
3 KB 62ms
60ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16853267/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY2OTA0LzdiZGRhOGFjOTU4YzFlYzY5ZDZjZmE0NWFiZDQ2ZGZjLnBuZw.webp?v=1694259815-FFyqrlI0R85dQvO-fBUU6_C0Y9dMMBZ0nYqK69_lGLM
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d5d002987ce7caa6e3cfecb009659a30dedeb6fd6e3079c68474b880800567

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Sep 2023 10:12:30 GMT
x-mg-request-uuid: 8c7fdd96-b152-42a9-afde-290d5adcfffd
server: cloudflare
age: 514342
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa913693-LHR
content-length: 3114
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDQvNzQyNTMwL2Y3MjU4M...
s-img.mgid.com/g/17155670/140x140/-/ 6 KB
7 KB 235ms
233ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/17155670/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDQvNzQyNTMwL2Y3MjU4MGU4MDVlMjU1ODFkZTdjNTFlZmI1NTQ2YjRhLmpwZWc.webp?v=1694259815-gpgQaOP9ZWTyITUm_wntPUX55wWe6Zwgc50LlmOXdxg
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a92124fc5fced296562c3a42f44ccd6aae661b8737bb398461b591a5783b892c

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Sep 2023 07:17:05 GMT
x-mg-request-uuid: 8be6dfc9-417f-43f3-995f-11e9117dd8e8
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa943693-LHR
content-length: 6536
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvMzY5NDAzL2NjMmVjN...
s-img.mgid.com/g/16973555/140x140/-/ 4 KB
4 KB 478ms
476ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16973555/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDIvMzY5NDAzL2NjMmVjNjljODJiZjE5MThiZWIyZjQ4YjgyNTJhZjE1LmpwZWc.webp?v=1694259815-xxJclaiOsAopGsExwlXveEn_zIce4F26hehXUKYZ4T4
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3e57ccb04d9d982dfa4616e64af16819f09e8bb53f468f898f093dac578eb2e

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Sep 2023 15:58:10 GMT
x-mg-request-uuid: 58ed2e0c-6989-4309-875b-c451cb0dbe4b
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa983693-LHR
content-length: 4200
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMzY5NDAzLzlmOTBkY...
s-img.mgid.com/g/16217843/140x140/-/ 3 KB
3 KB 63ms
61ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16217843/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvMzY5NDAzLzlmOTBkYzVhN2ZhZTg1NmE1YzNkMmRkMDZmNjg0YjEzLnBuZw.webp?v=1694259815-H8dQTgjXd0gHDo_uxEiHPGLG8gKaPYyWJxvt6fIjdBE
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86d60c1b50168b0de90f2f2054e742ca0c494e05e5c60a17abd87bae299ea513

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 15:24:40 GMT
x-mg-request-uuid: 29606bed-7df4-462e-8a06-7f7b3ca36986
server: cloudflare
age: 175468
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa9c3693-LHR
content-length: 2688
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY2OTA0LzY2MzcwM...
s-img.mgid.com/g/16853266/140x140/-/ 3 KB
3 KB 268ms
266ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16853266/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvMzY2OTA0LzY2MzcwMDRhMDhjMjFlNDI1YzVmZjk0NmQ0YTA5MjRmLmpwZw.webp?v=1694259815-DhPUwnCDyEm2p4sIdpGuJMAZTF5UjQJiiTooVSAH6cA
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81b69514fb90d12f9d4fc663994a08cf8a891b37a4b7e28177e4b171cdea53c

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Sep 2023 00:58:14 GMT
x-mg-request-uuid: 544255d7-5de0-429a-b852-7150943583be
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9fa9e3693-LHR
content-length: 2594
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzgzMzg1LzkwNGI5N...
s-img.mgid.com/g/16791609/140x140/-/ 2 KB
2 KB 238ms
236ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16791609/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzgzMzg1LzkwNGI5NmMxMjUzNjlhOTUzOWFjMzlmZDYwZDEwYzA5LmpwZWc.webp?v=1694259815-wiMNnthyJV5YgT39VUebH9hr6bnXrHBU7geUEsiuvi8
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f952b93d4e671cc9913d909a61fa8565ff313063a4124765550a1324854b7c55

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:04:01 GMT
x-mg-request-uuid: f3f592f4-ff23-4ac5-b329-59f1ad6c97dd
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9faa23693-LHR
content-length: 2192
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNDQ2OTI3L2ViZGY1Y...
s-img.mgid.com/g/16429882/140x140/-/ 3 KB
4 KB 254ms
252ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16429882/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNDQ2OTI3L2ViZGY1YzVhZDhmNWI1NDdkMzA4ZjcxY2IyMGJkMjViLmpwZw.webp?v=1694259815-atJlqp1f1BPQknY_Adi4DjxdZRbszOtejgSPnJtrXDk
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 971537a5b64c30bce47da8cdf694f1ee4a12d10c4e77f4e15412aa493e3849e7

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 16:46:12 GMT
x-mg-request-uuid: 1efd7a07-698d-4fe8-a88a-4ea4ec624bc7
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9faa43693-LHR
content-length: 3384
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzc3NDUxLzU1ODQzN...
s-img.mgid.com/g/16653263/140x140/-/ 3 KB
4 KB 527ms
525ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16653263/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDcvNzc3NDUxLzU1ODQzNDUxZDg5NjVhMjM1ODM4OTllODhiMDc4NjIwLmpwZw.webp?v=1694259815-CyTr_auP7EmgTqef3_tqmi5slvk0tHweyCLLd4mAJzg
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f1e50f17173f3937deb0247ac84211f566e90a540cf747ac4e9bb582f6417e

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Sep 2023 18:12:53 GMT
x-mg-request-uuid: e4adc648-e5aa-4876-b08a-18d9c64d2677
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9faa93693-LHR
content-length: 3370
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNzQyNTMwL2RlZWQ0O...
s-img.mgid.com/g/16830559/140x140/-/ 4 KB
4 KB 261ms
259ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16830559/140x140/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDYvNzQyNTMwL2RlZWQ0OTU1Y2QxNWE4Mzk1NDU5MWI2ZmRhNDA0NDQxLmpwZWc.webp?v=1694259815--4frs-qgZjCkglST_h4FkDBQs8kfEOcLxCJ_9vgTFRc
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef1cb772e2a7f1e5cc09e689657f248158ca19488b044bdfd7096c0485e86dd

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Sep 2023 09:20:05 GMT
x-mg-request-uuid: 4bd82776-aec6-452d-bb19-f7c04185b12a
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 803f2ca9faab3693-LHR
content-length: 3940
alt-svc: h3=":443"; ma=86400

GET
H2 206 96ae0ce3baf90736ff140c6c16258a36.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-06/575947/ 177 KB
177 KB 192ms
93ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-06/575947/96ae0ce3baf90736ff140c6c16258a36.mp4?v=1694259815-MMZ00gN2SFDU0EXg-iZRAGGXcmNYnPQQUgCeRTuGaC8

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03fcc753a36d82b0e68d1e1fa11d40448bdf09f7cbe900e27ac96177236ddd41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 417926
Content-Range: bytes 0-181171/181172
server-timing: cld-cloudflare;mitm=c;dur=179;start=2023-09-04T15:18:08.357Z;desc=miss;cloudinary;dur=142;start=2023-09-04T15:18:08.375Z
alt-svc: h3=":443"; ma=86400
Content-Length: 181172
last-modified: Tue, 27 Jun 2023 09:01:29 GMT
server: cloudflare
etag: "5f7f42754025c14d456d5fcf5dc5cf8d"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9ab843626-FRA

GET
H2 206 8d5b58a6fd447da632b24d4a642d0279.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/485100/ 203 KB
204 KB 192ms
93ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/485100/8d5b58a6fd447da632b24d4a642d0279.mp4?v=1694259815-Ev1hHHgWP9TRw3vcXwS2Vc_duNEnr521mz8D2IipFxQ

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abed2a3b92aad1b741fd57156b591e0ab808f86cb8e44e0a28cb18b3ce6679ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94983
Content-Range: bytes 0-208172/208173
server-timing: cld-cloudflare;mitm=c;dur=146;start=2023-09-08T09:11:28.068Z;desc=miss;cloudinary;dur=129;start=2023-09-08T09:11:28.081Z
alt-svc: h3=":443"; ma=86400
Content-Length: 208173
last-modified: Thu, 07 Sep 2023 08:49:48 GMT
server: cloudflare
etag: "72222a0d7c37112279c1110a1287a65e"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9ab873626-FRA

GET
H2 206 dac3b09ef41b14749a80f5344ae15b74.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-02/369403/ 206 KB
207 KB 149ms
50ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-02/369403/dac3b09ef41b14749a80f5344ae15b74.mp4?v=1694259815-zBT2wSJ1w6yLSFw6R4ejNQU2yVfvOXb7x0TlDflrT18

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5c05e74233d57a2718e565e16e36bea16237c81ac3f49214ffe8f8550166a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 488153
Content-Range: bytes 0-211200/211201
server-timing: cld-cloudflare;mitm=c;dur=145;start=2023-07-05T04:50:21.657Z;desc=miss;cloudinary;dur=125;start=2023-07-05T04:50:21.676Z
alt-svc: h3=":443"; ma=86400
Content-Length: 211201
last-modified: Fri, 31 Mar 2023 13:02:36 GMT
server: cloudflare
etag: "2ae215c5fadc573d743e304a48d0124c"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9ab893626-FRA

GET
H2 206 40dd2ea391bdbd18254f8a0c5986f4ba.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/742530/ 2 MB
2 MB 191ms
92ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/742530/40dd2ea391bdbd18254f8a0c5986f4ba.mp4?v=1694259815-CeeROqRvmRykcnMdIBm7NtLU-LnPeRai112803xuyBs

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a9c09ae0295e87591be8031ae5d4fd49e94cbb98087ee0af69e31fc84f81f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 105530
Content-Range: bytes 0-1979627/1979628
server-timing: cld-cloudflare;mitm=c;dur=238;start=2023-09-08T06:24:44.750Z;desc=miss;cloudinary;dur=212;start=2023-09-08T06:24:44.772Z
alt-svc: h3=":443"; ma=86400
Content-Length: 1979628
last-modified: Wed, 06 Sep 2023 12:08:26 GMT
server: cloudflare
etag: "7416098cc746208ba7034b94f72a9111"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9ab8a3626-FRA

GET
H2 206 f6fa96a2fd05c8d6ce8ac644e44c86e8.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/485100/ 516 KB
517 KB 85ms
83ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-09/485100/f6fa96a2fd05c8d6ce8ac644e44c86e8.mp4?v=1694259815-fGUxTDPMC_7KqbINYjyUSU6gvxe0cpShEpAiNZ8iBYk

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c425c1e42606ddef74cdcb2672f323e085299f158e84edc2bebfae57379a1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 82160
Content-Range: bytes 0-528120/528121
server-timing: cld-cloudflare;mitm=c;dur=148;start=2023-09-08T12:43:13.749Z;desc=miss;cloudinary;dur=124;start=2023-09-08T12:43:13.768Z
alt-svc: h3=":443"; ma=86400
Content-Length: 528121
last-modified: Thu, 07 Sep 2023 09:01:58 GMT
server: cloudflare
etag: "f98ded182402a8a0676618edb867fbee"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9fc373626-FRA

GET
H2 206 ebaa591e1d96a2fddcd71d997fd1d3f1.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-03/369403/ 369 KB
369 KB 85ms
83ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-03/369403/ebaa591e1d96a2fddcd71d997fd1d3f1.mp4?v=1694259815-sIqt4i4cklX_jCSoTusfz2H-kS_5T1I-H82N3xO5YWo

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b915a7b09a8bb042359211c1aad5c43aeff5f2db8ca41a275c1faf18a99f790

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2055347
Content-Range: bytes 0-377456/377457
server-timing: cld-fastly;mitm=cpo;dur=186;cpu=0;start=2023-08-07T18:54:01.236Z;desc=miss,rtt;dur=0,cloudinary;dur=175;start=2023-08-07T18:54:01.244Z
alt-svc: h3=":443"; ma=86400
Content-Length: 377457
last-modified: Mon, 27 Mar 2023 14:40:43 GMT
server: cloudflare
etag: "9b7e849c1d663daa3dbda65d880c1995"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 803f2ca9fc393626-FRA

GET
H2 200 /
www.ukr.net/ 166 KB
166 KB 56ms
55ms Image
text/html 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-ray: 803f2caa0c603732-FRA
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK vr Show response
ghb.adtelligent.com/ 48 B
314 B 114ms
113ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/vr?bids=18960
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 48

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
26 KB 540ms
539ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=301487239759809&correlator=1107840725183163&eid=31077190&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694259815866&lmt=1694252615&adxs=995%2C995%2C995&adys=196%2C1108%2C2089&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=1689813985.1694259815&ga_sid=1694259816&ga_hid=1524669659&ga_fc=true&dlt=1694259814666&idt=688&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&cust_params=page%3Dbrandundefined&adks=2774844501%2C3317177319%2C3449700283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da943a0ceb61a655d4542585fb17100fe353b4694089debae1ac7b9f3059b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26096
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 2 KB
792 B 113ms
113ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288&aid2=812819
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 22d53efb5994cac7c53e25f744c03c8e1812cd185eadfcf3511f3b4f9975b488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:35 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 486

GET
H2 200 i.js Show response
cm.mgid.com/ 0
126 B 72ms
60ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1694259815888974535779
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 803f2caa7b5e41a0-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 i-noref.js Show response
cm.mgid.com/ Frame A57C 0
144 B 69ms
69ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=169425981589160372422
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 803f2caade43369a-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 138 KB
30 KB 164ms
53ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: XMG0ZPTC9G6SDSGC
age: 766
etag: W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 803f2cab8cd29112-FRA
x-amz-id-2: Mm7rsAnOS5OnuJ+1JuhKP/DIsERsHZTIOXX/uzUyIlY+5qyX/56dXn8pv4m9VUtbKR8EOnC7I4g=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 155ms
42ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/u/k/ukr.net.1516465.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=165981
accept-ranges: bytes
content-length: 63913
expires: Mon, 11 Sep 2023 09:49:57 GMT

GET
H2 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D673 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2BFD 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz&gpp={gpp}&gpp_sid={gpp_sid}

43 B
484 B

122ms
122ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz&gpp={gpp}&gpp_sid={gpp_sid}
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:36 GMT
Server: Adtelligent
Etag: 769d183167a8f7db
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz&gpp={gpp}&gpp_sid={gpp_sid}
access-control-allow-origin
date: Sat, 09 Sep 2023 11:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 183
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=171cc60a-81f3-47b9-a6c2-45798fbbc4c1

43 B
473 B

288ms
122ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=171cc60a-81f3-47b9-a6c2-45798fbbc4c1
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:36 GMT
Server: Adtelligent
Etag: 769d183167a8f7db
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=171cc60a-81f3-47b9-a6c2-45798fbbc4c1
date: Sat, 09 Sep 2023 11:43:36 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 165ms
49ms Image
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Sep 2023 11:43:36 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=769d183167a8f7db

35 B
349 B

149ms
41ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=769d183167a8f7db
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 09 Sep 2023 11:43:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=769d183167a8f7db
Date: Sat, 09 Sep 2023 11:43:36 GMT
Server: Adtelligent
Etag: 769d183167a8f7db
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 469ms
118ms Image
text/html 44.193.144.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.144.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-144-116.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D566 624 B
826 B 197ms
82ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhii4tniATAB&v=APEucNXD0HSheYvQTjmAER-sL_ov6I9nQO031QwSIZYwDLdKZv5Gd6K-VGYFdrISd1NP0zt1c-RONGhBANoTyGlOA2e5QK27PknM98Nxm-rC1fIpfSa4euacIJRwU75-CwrpVZpfoxOZGSWER7xpvy_Oz7e9dRX39N99Neehf6mll8JlgynDc80

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:36 GMT
expires: Sat, 09 Sep 2023 11:43:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D673 86 KB
30 KB 240ms
124ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D673 42 B
173 B 282ms
167ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dy8Away9SRgCjIHe6FLJMe-Z8CfTb5C2e4Sh7Ez9SDZim78qHJPjuuP-rbUl7mCeFW-53mErzt8IBHuCR5T9nmzSJYF3YDa2Q_FekyfWSKpc9_s68

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D673 0
58 B 282ms
167ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15800235984770887509&x=1&ct=76

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D673 3 KB
1 KB 152ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:57:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D673 20 KB
8 KB 146ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:57:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D673 181 KB
57 KB 228ms
102ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032308011702000/ Frame 2BFD 222 KB
62 KB 207ms
85ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032308011702000/amp4ads-v0.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661b9181598efd849b90636204935e0548653d01ad6e4310302717ca608f787b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 08:19:26 GMT
age: 357850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62102
x-xss-protection: 0
server: sffe
etag: "8d839e19801b5269"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 08:19:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032308011702000/v0/ Frame 2BFD 15 KB
5 KB 263ms
142ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032308011702000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 08:19:26 GMT
age: 357850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "166738ad32285252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 08:19:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032308011702000/v0/ Frame 2BFD 94 KB
28 KB 249ms
128ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032308011702000/v0/amp-analytics-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 08:19:26 GMT
age: 357850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28952
x-xss-protection: 0
server: sffe
etag: "cfd252d60a6db402"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 08:19:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032308011702000/v0/ Frame 2BFD 5 KB
2 KB 275ms
154ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032308011702000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 16:51:15 GMT
age: 67941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "a86a0dd8f4aab9b6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 16:51:15 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032308011702000/v0/ Frame 2BFD 40 KB
13 KB 265ms
145ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032308011702000/v0/amp-form-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 08:19:26 GMT
age: 357850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0
server: sffe
etag: "02797982c4ca8b38"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 08:19:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2BFD 14 KB
2 KB 145ms
55ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 10:15:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2BFD 3 KB
3 KB 150ms
52ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 52094
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 09 Sep 2023 21:15:22 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2BFD 344 B
474 B 147ms
48ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 82464
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Sep 2023 12:49:12 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13271839916186101244/ Frame 2BFD 7 KB
8 KB 42ms
40ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13271839916186101244/14763004658117789537?w=195&h=102

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4343fb98085f3525368b8c2841c6c1e0e60e7947a37b686481bea24d5ba39918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 11:14:55 GMT
x-content-type-options: nosniff
age: 88121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7664
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:20:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 11:14:55 GMT

GET
DATA 200
OK truncated
/ Frame 2BFD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2BFD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2BFD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c4a799e685190865d4a84faeb1fec2729ba57f48807a964fe2806f50f7572d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2BFD 33 KB
34 KB 143ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 23975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D566
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

43 B
336 B

68ms
68ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhii4tniATAB&v=APEucNXD0HSheYvQTjmAER-sL_ov6I9nQO031QwSIZYwDLdKZv5Gd6K-VGYFdrISd1NP0zt1c-RONGhBANoTyGlOA2e5QK27PknM98Nxm-rC1fIpfSa4euacIJRwU75-CwrpVZpfoxOZGSWER7xpvy_Oz7e9dRX39N99Neehf6mll8JlgynDc80
Protocol: H2
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOT8HcOK5m2JqRVsVGHvYwe04fGjDMFpxcfXc2ipQR4SP8PHP%2B8q1LadfUmAfQTYzT62dS2%2FSckvXjTq3SQ9uowZeU0KJOCnSAsuMYoi14P9JgnnwRg89y1L9DWC%2FIca3zoFdqgXagtyPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803f2cacef702bad-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D566
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPxaaLHa2vOzo0fBXXSk0wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

43 B
771 B

59ms
59ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhii4tniATAB&v=APEucNXD0HSheYvQTjmAER-sL_ov6I9nQO031QwSIZYwDLdKZv5Gd6K-VGYFdrISd1NP0zt1c-RONGhBANoTyGlOA2e5QK27PknM98Nxm-rC1fIpfSa4euacIJRwU75-CwrpVZpfoxOZGSWER7xpvy_Oz7e9dRX39N99Neehf6mll8JlgynDc80
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LusL%2FZ%2B%2BmZ7d%2FMatE11zvoZUyeSUHrX2ds%2FSsIxAj9K198NCOayq8oJm1HwhGh0HKTtbQnX3BZZjrbb7F3hdycYQwGQ2jQnEnaeH5WxA3pJFf0edp94fYYvvkknCNoJ1TQheUU95K8yx6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803f2cae1c694d64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D566
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

43 B
836 B

41ms
41ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhii4tniATAB&v=APEucNXD0HSheYvQTjmAER-sL_ov6I9nQO031QwSIZYwDLdKZv5Gd6K-VGYFdrISd1NP0zt1c-RONGhBANoTyGlOA2e5QK27PknM98Nxm-rC1fIpfSa4euacIJRwU75-CwrpVZpfoxOZGSWER7xpvy_Oz7e9dRX39N99Neehf6mll8JlgynDc80

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
an-x-request-uuid: 65246f4b-6696-4e62-9aab-a08c4019877b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D566
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

170 B
243 B

51ms
51ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
an-x-request-uuid: a9f54ccb-e592-48bf-aba3-5e0ce10355b5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 134ms
41ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

874c08791cabfd2f2c2a2d0476213d931de92aa00518cc31cd05e033cb5dfb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D673 0
56 B 144ms
143ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4271966088441&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D673 0
56 B 144ms
143ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4271966088441&version=m202307240101&ct=76&x=1&cor=15800235984770888000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D673 74 KB
34 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq0Vpx1ofsN7AEHs3aFbDJLdVQj_t6Ck9mAX-tlivoIKzCQiEaZKbrNJKi0gQo3gzDxQNMb83pTOJ7HaImiOM_BYvA2A&cry=1&dbm_d=AKAmf-BvSQvDRpYhljJD80G0cjoEhWhix_Fn-nqkljNNVLlWxLC5CfAFOrE6rkZJmwOAsPmB4rb621hteKqZgTm_iWcl_ycqTnRWlPq5-3q4-Tv2FkygiDNwf9D8k7_u89k0zRqCqd2bVIMxgoyEGxCScAVETCNzN6aJgE1R8HDIBiwQRFcWbp6W-cZGKqRQn5mINb4sOGSFbIyMmFcQ_vTi2trYx9AgHdS1hhAURcZzRp-VeWWyoI8zFBXF88ND5W95PetSF7QpS_MNu61AkHKLoK4dnLOdkIfi3PWfAerQxxlPTWHxpKgI6k5hyu6fmdAUJuAZoTf0OH613LsE3Myk2FN3qoOhyuVnlO4LZ6G7ealsNnQCJbwdb247YvHiZv--04UCfybmDTOzJG13im8ns4rFhGAXOeZiH5CibYGsd6tA2i_wk1g9FB9l_ye4IKK530B_0zFvJstJMVlomDroh-76Uc80QKXTruHP3fjty9u6kY8e6nPxkxzzmxD7-SuxxinBJmuKG16cnt6ZQT_3L1U_w_cpPSRqTkgDa1234HGPxnSjZQJ0D9udaXOsNLxKYImHEsj9bPqU__b_gwVU2g6pmyX-TDXK0t4uQbwjCPE_czXz_W1Pzpj_Qc91k2vLG1_HLxsVYcMUWmtXcAqLCpMi7Ngv1B494Q569KMxvvJWF3bMKpkFy4BrXvjViNimzlvTKgafyJ5kvgp_6jtSbl_eJq0a6HuihfVBPmeygx4BZqj48eIqP-J4MbWTfucwVsDXiXRTmctdnMnG347oF5myBTcfiMKCioAx-2gnckG0FyuPDV5_5Zi6ldtMbK_ziU0We5jwzjb1yZuBNYWgw7u0KQfTBXwVfTHumLyZr86DiZBufNRbAIRDJm9ll0ewSTpz2Z_mrevjf-znOkBWqHluXQDzJfIDGtXU9qLXVjoom0tuxTrmGcgi65TcGNDbDgEzDEA820gRWXfoQoXTmOPjp3pkbOTn4gUTxn-CNhYjlSxFAeFLsX8rzPk2WDxSURu0KWdWCBPVAI5Ih62nzvyyfOUTXohTNV4l44MHdM3DYqaNP4wCZdzHucIb0bSVBfsbeTS77i_6rZp_g2uOo0X3QN2Jr8sWbBYCOVSVU85bpuCkxQuxwqtzfL1wVU1Ullh3GBUu564wItxWqvG0hB9alxu249BVqZuVphDZShubl3gZXqBAe30oiRRtIyUbc2qp_i_DgbSKxRuHBuO3zsxkNfSaZlGRIHgj3NvC5fWXQV9IgPDjd4AAk_x44PMpe9e8VTenJ-HQJjaI5Q6HbPsRo7cLBPY9WOAw8HZUdN8gwsa9csaV8z6zpUPT9GC8osYNE40RItrWCYv52l1yoCm-70qbiyoTHNMhijlyIZHV_h7MuptJOdnscyiG_THZqjCJuKVQGXyYL4_7gW_r0DX-RnTO1dq_ZUyrNji6FisrA7EGs2E6H9U1JYxZ8pMU9MuRHpntUAzbFuGnnoudIYPmFMtVxJg830RUGHSqRocOUJDyr2tJ4NpPEEeKOKDMDGabpDn-ehdUeYox7uUZ-6Js38Ypnf90sN0avPGOy3IoXUQfQ5Bibq1VN0TjC_JuAv2BA7HBDDq-FdljkSNAhv8nUeK1rRuyvl6dondrJy5crh1ipuKaV70CixXyq4jWwCyhM9B9Fwcuw0VhMfZUZ8KXH__adAUsSQCZPx7PEPZ3kukUchfNHM0B4w6UWcA2ep8nKKXYJStRtj-ekj2ESXrhiHNuxqYkLbW2SvucTEtgeFezfO_PbYxcYVU1SAj3V6oaF5vBun4y9UvZD_KPJv39Wss704IoRAGVFUsKzsbprG4h2tRdVW4xf_kzIBEfGvwTk0W_Mi-FCdWTFvG1_dbbVtevBL2THJ1IRaWkziV9A_iQkH4Bxiee7Vad7KNvuUdmYP-9vmmYnE4nBJReFDTCklBrHFmu6L7wPj1yGTZ4saZTLKYCQI_27A_NAP-qS21LoFeo7DlnmFWSFTxqk9F37bMcwCLJmXK_vIVCNMTTLWD3QTE_Y5uyo8D5stdj3OPugauzvKi26mG3Q6EcQWdWE1J-JZEZ5fs7RNt_0mHFs8Yc75eopiiU2BamyY_UGhkEsI3q2HbplcB6gpagWe2tun4t3UHi_p9QzXqMQF4kx8DRPHNR6QmkU0jg27k3-mkE5HhYGej0Y7qaAZe1m6gisj5ho5HcAjwpeKj81cNyfdgqOspJin45KJx4CT4N19LiVei441kBPXL7UPxha-UX9RivePh23_RKkud1hiylYxCTcL1jItV3gJoTZL9dcSokpe8Ung8hDX36UjMj-oDEj-TrCIOoQ6bkIyZiTugSqm-K-mK3fMA_BE1_qs97-JrcZ0XlEE3bUzn_TR8OklLGo4whxy8VH1cOxmGnORAmSrN-zu1f1OvjxhZcUY6qqq_0fjfUgMP1sBA14iSLz8h15-xUHP7CoTBbu7lJyFNwpR2DvJYVy6DqGsejUDKYpso7tgvuC1mKq4W5xDJcwHATODvJcNsJbPU56all68qIPD-pnu8B7moX_nss1BrKqPhLYvF9w-298si2M9HDFi80DM_GnTW9ZfDe2_SoKBQgK8OlW84ZQy-iXeV4o3H0aJMlHWgN63ZECmgpJnZRRJ4SDtYhNuocSunqlUYpDduVPwpxm7m0mh3IAOfSPsc-rmkVf-u6ACciEQEWoxxJhVMdlxMB751WaKo5TLsPfR60GqjdXNB9m44p31SxmI2pDzB5SYYi436zaVTRoeCJLBiWgXvgymDZsjt9TWWrgcBJHhDxSlN9xPEDGgnasISJa7QH8hBg3OtYj_T3McbHTY65wP9IPYDrGQWdiE7GrgvdhzioD2jZBL2ipblwF7VgM4xfmsZ7hJ_QhCei0xjr3-zNiPM0m6vXBCEzd_ZpcCEXJd8w-4sge_4E7BcHHhiq7zbWnwZQRJhCAHTMsyLHeES0EFlUaBAFqqzW0TENWvlmn1tUPz9JRHqRseXrhe8iT2pvCrMinYkqzKKKyG7pl5oysgHGKRsx2_HsUFHqR73gdmHBLKFgDfIcVhoUIT_jZJ5VBoOTfRkMO_nPjaoMkS3ZML_NDND1KIefAaj4WnNWSO2hp6AqoJXlI-jXEoPwkvOwgGBqTkIOGJKhl9vLmWbOARL2j7HSO0H5MWrGROgBm4j6odCDzdr_KwD2DqoJW6sz9MeGzBBSzP9KUoaWhpnpr-7Ts319wq_7JsmB6-R0guh38D1vUyZ4j_iDcDc-v6pQ4-uZFUQOG7mUlMm_DmzqtWnoyWmMxqBQ_W1aZVQnTUZYvoKHcr9cjkbummcb6UQ40wgVPQT781VtT0_Sy3Y5xKkd_IEKSG6v9YuHORBhEVpE2wyMXWSq0pgALaoF3xiPSJnu5dnOZYdIzeL03EvOW2Rh0nel0QZjuXaUCX4880s7s8xo4841xNSO1MAcrvwulxOX5docLuySMU8IGD8_qFA4LGXbFPetJnGFmVonA6dzG3f7uCls-hzbjAgPn8N6nPrOf5eKqAdtSrU-c3HyoY8YuUDjTtYKrpzjATAXKu-RsBbCCqZscYMRbiq1NKDqOg7tasLOv9tqUgMmtMBhp-ENagvsWtCxSlK0MBKpbHrJ8BcHvvLMcr4dli4kAv3luEVWLgmjTuEUOdGa4Buc5zw9I_yi4U5WMjZX39B83LPdrPY9cxQLlTEzAi45hyDIWrXdbV3fAHSGwyZ_IjqsSKuFf-PELk2HtEhWKHPU6xASwVkzfCGwqk8KC-gglFQWk4pnlQhUoGMqvScDoMGPh27Qmcb-erHXhw-643upfV-dUzBeAX-7XnDB59IgKco1mYlPQcNJnQ3eJYjNQO2iQh51s154WwwzgGBhBqcU_J3jCHTAfupBonomV1L-lF-KDMl5&cid=CAQSSwBpAlJWjBRP-vKh1OpcRsl2ZOSC6o1IsphAZHY6k0IXRG83aa3CyxECDyLItwFvXqgQqX-9iRfNS9mzlxer6kDrcf1WFcf2hKz47RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=15800235984770888000&adk=2086295851&idt=283&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3d8a22c9a624b5709996628712d223738d623d073d16a7a9464ca0e6d183ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34161
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 142ms
142ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_whirs&c=sf&s=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EB8 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E305 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1925 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:35 GMT
expires: Sun, 08 Sep 2024 11:43:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ 276 B
682 B 143ms
42ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

18d4d854d5540cf7e90d983b0b00fd057b686697c733bba10268514ff69ff1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 09 Sep 2023 11:43:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2BFD 0
0 88ms
87ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYGA2Z1r8ZKWJIoH0x_AP4PqUqATjoaWdbPe3z6G5EPTgqfrvAhABIIjZs5gBYJXCpoKwB6AB-ZzzlwPIAQmpAiMlTo-D87E-4AIAqAMByAMKqgSbAk_QNG3JadhqXOf0OXZ3jx2BDxBurfa081Q_mwZngjwzTx0KTxZYcGrGv4UD5op04WCSjCIkQm7ELRrPcWQnT_8BX9LR06a-kEn3jIk_Y_v3PgMrl5g6pA3ybcNO1jLCOagdndXJMYdiW7njDDV9PLU5zqi6qpCnx2iGe9x5VnUbyJXjmc1iwmjOGTSboobOm-dwoJ8Uqg-IfXSt7VY-en1oRcuIcFQ3EztfOyaubdwoaAM2-Hw5eO009_gK-Sri-Ty6-l78l3tnpZcA8NBjGrJDS3VcBeoqNiBB0Nu6RiRNMawka3yQZ8YKlVWQeLez20rKJ3pWUJllFuwUJSrSYghYAWBZZSOB_zA3VDDS6VYUBVoUCZv0TAyt4HbABLivu5WOBOAEAYgFg6Lw-UOgBi6AB-_ijGioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDZ-RLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglAaHR0cHM6Ly93d3cuYWxwZW53ZWx0Lm5ldC9kZS9zb21tZXItaGVyYnN0LXVybGF1Yi9tb3RvcnJhZGhvdGVsL4AKAcgLAaIMDCoKCgjktLEC7rWxAtgTA9AVAZgWAYAXAbIXHwodCAASFHB1Yi03MDA1ODEzNDExODc5MDA2GN-2kAE&sigh=lAWrHqd3iYs&uach_m=[]&ase=2&cid=CAQSSwBpAlJWjBRP-vKh1OpcRsl2ZOSC6o1IsphAZHY6k0IXRG83aa3CyxECDyLItwFvXqgQqX-9iRfNS9mzlxer6kDrcf1WFcf2hKz47RgB&template_id=5000&cbvp=2
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame D673 30 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq0Vpx1ofsN7AEHs3aFbDJLdVQj_t6Ck9mAX-tlivoIKzCQiEaZKbrNJKi0gQo3gzDxQNMb83pTOJ7HaImiOM_BYvA2A&cry=1&dbm_d=AKAmf-BvSQvDRpYhljJD80G0cjoEhWhix_Fn-nqkljNNVLlWxLC5CfAFOrE6rkZJmwOAsPmB4rb621hteKqZgTm_iWcl_ycqTnRWlPq5-3q4-Tv2FkygiDNwf9D8k7_u89k0zRqCqd2bVIMxgoyEGxCScAVETCNzN6aJgE1R8HDIBiwQRFcWbp6W-cZGKqRQn5mINb4sOGSFbIyMmFcQ_vTi2trYx9AgHdS1hhAURcZzRp-VeWWyoI8zFBXF88ND5W95PetSF7QpS_MNu61AkHKLoK4dnLOdkIfi3PWfAerQxxlPTWHxpKgI6k5hyu6fmdAUJuAZoTf0OH613LsE3Myk2FN3qoOhyuVnlO4LZ6G7ealsNnQCJbwdb247YvHiZv--04UCfybmDTOzJG13im8ns4rFhGAXOeZiH5CibYGsd6tA2i_wk1g9FB9l_ye4IKK530B_0zFvJstJMVlomDroh-76Uc80QKXTruHP3fjty9u6kY8e6nPxkxzzmxD7-SuxxinBJmuKG16cnt6ZQT_3L1U_w_cpPSRqTkgDa1234HGPxnSjZQJ0D9udaXOsNLxKYImHEsj9bPqU__b_gwVU2g6pmyX-TDXK0t4uQbwjCPE_czXz_W1Pzpj_Qc91k2vLG1_HLxsVYcMUWmtXcAqLCpMi7Ngv1B494Q569KMxvvJWF3bMKpkFy4BrXvjViNimzlvTKgafyJ5kvgp_6jtSbl_eJq0a6HuihfVBPmeygx4BZqj48eIqP-J4MbWTfucwVsDXiXRTmctdnMnG347oF5myBTcfiMKCioAx-2gnckG0FyuPDV5_5Zi6ldtMbK_ziU0We5jwzjb1yZuBNYWgw7u0KQfTBXwVfTHumLyZr86DiZBufNRbAIRDJm9ll0ewSTpz2Z_mrevjf-znOkBWqHluXQDzJfIDGtXU9qLXVjoom0tuxTrmGcgi65TcGNDbDgEzDEA820gRWXfoQoXTmOPjp3pkbOTn4gUTxn-CNhYjlSxFAeFLsX8rzPk2WDxSURu0KWdWCBPVAI5Ih62nzvyyfOUTXohTNV4l44MHdM3DYqaNP4wCZdzHucIb0bSVBfsbeTS77i_6rZp_g2uOo0X3QN2Jr8sWbBYCOVSVU85bpuCkxQuxwqtzfL1wVU1Ullh3GBUu564wItxWqvG0hB9alxu249BVqZuVphDZShubl3gZXqBAe30oiRRtIyUbc2qp_i_DgbSKxRuHBuO3zsxkNfSaZlGRIHgj3NvC5fWXQV9IgPDjd4AAk_x44PMpe9e8VTenJ-HQJjaI5Q6HbPsRo7cLBPY9WOAw8HZUdN8gwsa9csaV8z6zpUPT9GC8osYNE40RItrWCYv52l1yoCm-70qbiyoTHNMhijlyIZHV_h7MuptJOdnscyiG_THZqjCJuKVQGXyYL4_7gW_r0DX-RnTO1dq_ZUyrNji6FisrA7EGs2E6H9U1JYxZ8pMU9MuRHpntUAzbFuGnnoudIYPmFMtVxJg830RUGHSqRocOUJDyr2tJ4NpPEEeKOKDMDGabpDn-ehdUeYox7uUZ-6Js38Ypnf90sN0avPGOy3IoXUQfQ5Bibq1VN0TjC_JuAv2BA7HBDDq-FdljkSNAhv8nUeK1rRuyvl6dondrJy5crh1ipuKaV70CixXyq4jWwCyhM9B9Fwcuw0VhMfZUZ8KXH__adAUsSQCZPx7PEPZ3kukUchfNHM0B4w6UWcA2ep8nKKXYJStRtj-ekj2ESXrhiHNuxqYkLbW2SvucTEtgeFezfO_PbYxcYVU1SAj3V6oaF5vBun4y9UvZD_KPJv39Wss704IoRAGVFUsKzsbprG4h2tRdVW4xf_kzIBEfGvwTk0W_Mi-FCdWTFvG1_dbbVtevBL2THJ1IRaWkziV9A_iQkH4Bxiee7Vad7KNvuUdmYP-9vmmYnE4nBJReFDTCklBrHFmu6L7wPj1yGTZ4saZTLKYCQI_27A_NAP-qS21LoFeo7DlnmFWSFTxqk9F37bMcwCLJmXK_vIVCNMTTLWD3QTE_Y5uyo8D5stdj3OPugauzvKi26mG3Q6EcQWdWE1J-JZEZ5fs7RNt_0mHFs8Yc75eopiiU2BamyY_UGhkEsI3q2HbplcB6gpagWe2tun4t3UHi_p9QzXqMQF4kx8DRPHNR6QmkU0jg27k3-mkE5HhYGej0Y7qaAZe1m6gisj5ho5HcAjwpeKj81cNyfdgqOspJin45KJx4CT4N19LiVei441kBPXL7UPxha-UX9RivePh23_RKkud1hiylYxCTcL1jItV3gJoTZL9dcSokpe8Ung8hDX36UjMj-oDEj-TrCIOoQ6bkIyZiTugSqm-K-mK3fMA_BE1_qs97-JrcZ0XlEE3bUzn_TR8OklLGo4whxy8VH1cOxmGnORAmSrN-zu1f1OvjxhZcUY6qqq_0fjfUgMP1sBA14iSLz8h15-xUHP7CoTBbu7lJyFNwpR2DvJYVy6DqGsejUDKYpso7tgvuC1mKq4W5xDJcwHATODvJcNsJbPU56all68qIPD-pnu8B7moX_nss1BrKqPhLYvF9w-298si2M9HDFi80DM_GnTW9ZfDe2_SoKBQgK8OlW84ZQy-iXeV4o3H0aJMlHWgN63ZECmgpJnZRRJ4SDtYhNuocSunqlUYpDduVPwpxm7m0mh3IAOfSPsc-rmkVf-u6ACciEQEWoxxJhVMdlxMB751WaKo5TLsPfR60GqjdXNB9m44p31SxmI2pDzB5SYYi436zaVTRoeCJLBiWgXvgymDZsjt9TWWrgcBJHhDxSlN9xPEDGgnasISJa7QH8hBg3OtYj_T3McbHTY65wP9IPYDrGQWdiE7GrgvdhzioD2jZBL2ipblwF7VgM4xfmsZ7hJ_QhCei0xjr3-zNiPM0m6vXBCEzd_ZpcCEXJd8w-4sge_4E7BcHHhiq7zbWnwZQRJhCAHTMsyLHeES0EFlUaBAFqqzW0TENWvlmn1tUPz9JRHqRseXrhe8iT2pvCrMinYkqzKKKyG7pl5oysgHGKRsx2_HsUFHqR73gdmHBLKFgDfIcVhoUIT_jZJ5VBoOTfRkMO_nPjaoMkS3ZML_NDND1KIefAaj4WnNWSO2hp6AqoJXlI-jXEoPwkvOwgGBqTkIOGJKhl9vLmWbOARL2j7HSO0H5MWrGROgBm4j6odCDzdr_KwD2DqoJW6sz9MeGzBBSzP9KUoaWhpnpr-7Ts319wq_7JsmB6-R0guh38D1vUyZ4j_iDcDc-v6pQ4-uZFUQOG7mUlMm_DmzqtWnoyWmMxqBQ_W1aZVQnTUZYvoKHcr9cjkbummcb6UQ40wgVPQT781VtT0_Sy3Y5xKkd_IEKSG6v9YuHORBhEVpE2wyMXWSq0pgALaoF3xiPSJnu5dnOZYdIzeL03EvOW2Rh0nel0QZjuXaUCX4880s7s8xo4841xNSO1MAcrvwulxOX5docLuySMU8IGD8_qFA4LGXbFPetJnGFmVonA6dzG3f7uCls-hzbjAgPn8N6nPrOf5eKqAdtSrU-c3HyoY8YuUDjTtYKrpzjATAXKu-RsBbCCqZscYMRbiq1NKDqOg7tasLOv9tqUgMmtMBhp-ENagvsWtCxSlK0MBKpbHrJ8BcHvvLMcr4dli4kAv3luEVWLgmjTuEUOdGa4Buc5zw9I_yi4U5WMjZX39B83LPdrPY9cxQLlTEzAi45hyDIWrXdbV3fAHSGwyZ_IjqsSKuFf-PELk2HtEhWKHPU6xASwVkzfCGwqk8KC-gglFQWk4pnlQhUoGMqvScDoMGPh27Qmcb-erHXhw-643upfV-dUzBeAX-7XnDB59IgKco1mYlPQcNJnQ3eJYjNQO2iQh51s154WwwzgGBhBqcU_J3jCHTAfupBonomV1L-lF-KDMl5&cid=CAQSSwBpAlJWjBRP-vKh1OpcRsl2ZOSC6o1IsphAZHY6k0IXRG83aa3CyxECDyLItwFvXqgQqX-9iRfNS9mzlxer6kDrcf1WFcf2hKz47RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=15800235984770888000&adk=2086295851&idt=283&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Sep 2023 06:26:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame D673 11 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Sep 2023 07:12:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D673 0
0 192ms
87ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOkribXmpc5hJFZHqSgwao4rlPE-YDFVxX64OkzPbJw7zk7tV9ueHJvg0fDxWhJ-4QaWqxrV6U8IwHINqBYAdETZtNilxpmwtsmBtlWcrozZrnFHw_94r8XurT-zQq4p-ReNELdA_V33igDwUBD8KnPj5n0aGInjCDYY0UIVuVwluDEOTUEKzuGucs_wLuZwgVz_QIYbMrNSnpIVhMvYvcNFe9MybDKeJZlhxV9lulVOV-uiWjVGV6akCktN_y2xdLNRN9fbKeIagH7aGlaSSr2Z99cI3RLYwHxhhQXbeUYOHMpr7iEH9XZVfrsFwK81maISbXF86KL84KC_XtE-63fUr6heJtg16uHwog5vNjWCTQNp9-5CyCDD1O8pjMoa2btcosxwr5-uiVy8dvNd1WOayLTBaYUkoETkTtzCwHensYFkB5_bJepHa_PpQ0O9N4T3UNBKnht8PCgVLVdosR9q7KiyD9yEiD_DS5Wdn7IT_FAO1HTA-3NtHcXDbbbilW68qHZHgCyvsSr0bkGJkZYu1rBYd80zoBtSpcKGkSY6j_80CoDuvkZsNLykWH1nEN3APaYCEc_MdDbi4z3GxW9uL7hvmdjDQThnAVfzrX_64fbo9vrCrKKMbymvN-huT6OtZQ1BsmIYsaJKQ-DWM3EU6oIAWgUJzPMxRpeJRKN9JrV7OAHZnBshkwqxTt3LPJOSxGYWITZUKUf1nSwQvyA7oMxpX8BnqzY6AuVKHDMTDkHacH84p5w2ReNypz0mYXqf6_eoHUS21YTjVrT14PilGrcMtgHybJSd_lK7_7gwfmJqgl4E3yYMIRr_xkSU0YFrtxo6qVC9ynalUVaO2vIJLkW9DoMHaxl0KGkJBGfhFLrJ3vhVhogYkxmXHa-DtKAZ7MTWnecNtfB9eJ3aripFOMnav4Da0Stof2XGVTpayaWp2RUiZREcHK75yb25pAP0W4pVNlNTmCLsSHN5VZQym5pmYmAbWYgYZ7HrVHMW4lN0mVjTixMVsJ76_LYro7EtBLI95zxkmeRabONbocsYhc8sDDGR8-M9SApvYMyoXrBSBaroHvfgnSoZL4JYJBe1BipPKjIw2vpWq_M6a88Ri045kP6U6NFs8xPBG-9fqqs8O_VbEnw0GvaEEoUr3NkkT4vxF7PXu9BjXwrJ4wuT8K6Ie2yQH65-rwqd-qObm6YFVVuxVZ15OBKnBR1LhXWLd-9ObIOA6BaDQnSibOhUlEv6NUYr4sLny7HVFrX4ovirKSgz5Ax-rP3Oz4RgE0H9qRoS6HKd49kFxbeRjJLO4GSXwAD7zyn1IEgERgTEDIDVJNteuD6HsDBZlAphyExh8pRKYUUS6Lgsaa0wMKqMolh8UJRCK2HNzuzEEmcISsT8OhFqdrxAk1KJaW1aQTgfULHw&sai=AMfl-YSkufX_yKXxFsqiGqG30UjGqNsaNWEX0QcM_cprsNPI8uQScADwPwW8IcStAkj6z0rzt8VdQadD9btFdII6Uj08T03Os79KaTcabLsPb0fNxFC4cVVb7Mh9IUSljcVF4-GmfThJioJHwmhKtvT_eLYU8HhaGHLNSHdzeZuAgCyYmiz0V2Vj1oPIKvUO7NY7NWXUIW5xMnggAyvkXOw-nMJ1PmnVDH_RklSqClXJNsdQ8lHw5KZnSfXq1bUA9GJFNGJIhkopZPoSHJTPcA7tC7sMleKe7Hf7UvjBbKloJguCaZoR7C-IXeHF&sig=Cg0ArKJSzP3_saJsg3KxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230906.29993&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D673 41 KB
13 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H2 200 17493895121871029835
s0.2mdn.net/simgad/ Frame D673 45 KB
46 KB 146ms
39ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17493895121871029835

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85c3c534be1d9159d3e152265039bdb80c52acb8c8b897a466fb1aa726ad779e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:01:32 GMT
x-content-type-options: nosniff
age: 16924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46375
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 12:52:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Sep 2024 07:01:32 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 6EB8 222 KB
61 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6EB8 15 KB
5 KB 69ms
65ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6EB8 94 KB
28 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6EB8 5 KB
2 KB 70ms
66ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 6EB8 40 KB
13 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EB8 3 KB
3 KB 47ms
45ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 52094
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 09 Sep 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6EB8 344 B
368 B 45ms
43ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 82464
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Sep 2023 12:49:12 GMT

GET
H3 200 14922079445478211030
tpc.googlesyndication.com/daca_images/simgad/ Frame 6EB8 111 KB
111 KB 49ms
48ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14922079445478211030

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1666783ed29ecf9932c2863454156963e4031f4d7792f34404ca861f0cbff5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 03:02:04 GMT
x-content-type-options: nosniff
age: 117692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113691
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 01:40:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 03:02:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6EB8 0
0 92ms
91ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBIYJZ1r8ZOXbOPqJ1PIPrLuAiA6UlJHpcqnUjImNEu6_i6nePBABIOefw5kBYJXCpoKwB6AB--TfmAPIAQKpAiMlTo-D87E-4AIAqAMByAMIqgSWAk_Q9c0131f6a1X0fQqZVhZ66lym3am7yWwJcBdF0aHChfxQWS2onGZbcXl95xsP-04p62rYn9j_RBcm8AfFpLg011se1gFHEDkuz1KMPUimwal2m5Vq1O6DDzR4b7q_oWbmCSXK4nITtYhocsLmZEJ1CpAZknKBwzdKMf0IqrJgXW0pY_juuAgFkNo4JjFJRFyl_MfvY8vCtkt3P7KpVDM8itCHkESyUqkoIAFYecm2yXSAJXH4uUshZ4Xy5KG7JeI_wS6XF1irGWSJR46COpW84REi9lbt-bmg7ewnrzLPcWDe9AQYquLG12J-4tUxpXStUaDK4-R_G1nfjFWRWNc_ayJ9Ws7fzxlclRYbhdfFdphRI8qIwAS14sHIrQTgBAGIBfaI669LkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-2aoGeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDFjkfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgnjAWh0dHBzOi8vd3d3LmVucGFsLmRlL2FydGlrZWwyL2RpZS1zb2xhcmFubGFnZS1kaWUtYWxsZXMta2Fubi1iZWthbm50LWF1cy10dj91dG1fc291cmNlPUdvb2dsZSUyMERpc3BsYXkmdXRtX2NhbXBhaWduPTIwMjMyOTc5NTc0JnV0bV90ZXJtPTE0OTY3MDYyMTQ5MyZ1dG1fY29udGVudD02NzEyMzQzMjAyNDQmdXRtX3BsYWNlbWVudD13d3cudWtyLm5ldCZ1dG1fZGV2aWNlPWMmZGV2aWNlbW9kZWw9gAoDyAsB2BMN0BUBmBYBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=qjlcKXeCRvg&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 850F 624 B
245 B 85ms
83ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWuZC5lmHKUqv6QclKb6oV_KXYg8__Px3a085SwJ0qRQsLHEiIclWO2Kuq3NFmxMEcSFa2oj283Z2-pTqyWdBqtmWAGcCvrqri-QDCgfdj7rJZrGOprUoFLnuJW5Cr-q7654nwuMiDNo3-ga3osYLyF9XEUW882L8Mn2bUnqwgaEnRpF10

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:36 GMT
expires: Sat, 09 Sep 2023 11:43:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E305 86 KB
29 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E305 42 B
63 B 146ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDxq6T1X2aMeImyX-tqYnmwMycXF32Z6P-DjntfD93-yEopogPG86lE-KOYwlFfWh6_lkuPw36jqI9Ljxn7aVk5-GR46qQMyMMbTNtKIjt0i-5md8

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E305 0
20 B 146ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2125282083045135067&x=1&ct=77

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E305 3 KB
1 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:57:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E305 20 KB
8 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:57:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E305 181 KB
57 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 11:43:36 GMT

GET
DATA 200
OK truncated
/ Frame D673 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36c580bfb0456b22c52f9c17e44953c1d9c0c075b8966b270b45791e6c9063e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6EB8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaeb2ab4dc8337bff5640b3ade41801dc695161233d54136b02631c83ae8554e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 1925 222 KB
61 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1925 15 KB
5 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1925 94 KB
28 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1925 5 KB
2 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1925 40 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Sep 2023 06:23:51 GMT
age: 105585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Sep 2024 06:23:51 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1925 3 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 52094
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 09 Sep 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1925 344 B
368 B 49ms
48ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 82464
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Sep 2023 12:49:12 GMT

GET
H3 200 8772626124427775177
tpc.googlesyndication.com/daca_images/simgad/ Frame 1925 64 KB
64 KB 49ms
48ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8772626124427775177

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e86d3b6c6ae23697dbd93ea325bd93e34258532573a91bb5620042e275e9272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:24:04 GMT
x-content-type-options: nosniff
age: 22772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65073
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 11:23:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 05:24:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1925 0
0 85ms
84ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzZe_Z1r8ZNzfOPqJ1PIPrLuAiA7B8KHqcsjK77PcDrLl0uCyARABIOefw5kBYJXCpoKwB6ABhtfXvQPIAQKpAiMlTo-D87E-4AIAqAMByAMIqgSmAk_QV5VU4_HDojt0CpNOvEOldOIuDayJXgreUhVF1do6La5mmvwPp6KPb5hwo2Giejp-xQz8ryChnyGL-04tT8K81WT5YRNVJ4yqQL5zshBPmNCOZ3VkEwRqahLGt77Vg63RaMEJQv6k1MhYFhsK0bBPm9aJ7Z93217N3KMMlvaiJ5_0lxxB44n5S1i4mmneTSTXDfFUahGBAThL5L_yjbajY8t3vHpTJwPxwcl5q6j--42qF01GR3PfzE3JxOo-1KAg1UAE-jqejiQ43jMlVWzXs5nDtRSGXjN3_XSuvTxo0cwl8TYLgTt4suqD3C3uh1Oz_1fjtEVFUJ5LJq8L9xUMaUa-uapgxAHR6RnYjdlV3Sp_Z0G5ucFgExQUnCBp6VwPKXAL4MAE5o_jrd4D4AQBiAWqrJHgOJIFBAgEGAGSBQQIBRgEoAYCgAfiqKhCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtNMJ0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJPGh0dHBzOi8vd3d3LmxpbGllbnRoYWwuYmVybGluL2MwMS0xMDgtYjAyM2ViP3ZvdWNoZXI9c3BlY2lhbIAKA8gLAdgTDdAVAYAXAbIXHwodCAASFHB1Yi03MDA1ODEzNDExODc5MDA2GN-2kAE&sigh=kEfmJIDqYHY&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1925 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 963c40d64c03573de6315917f75e265979c387e9385dea5da8ee70dd591dfaea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 850F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

43 B
735 B

79ms
79ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWuZC5lmHKUqv6QclKb6oV_KXYg8__Px3a085SwJ0qRQsLHEiIclWO2Kuq3NFmxMEcSFa2oj283Z2-pTqyWdBqtmWAGcCvrqri-QDCgfdj7rJZrGOprUoFLnuJW5Cr-q7654nwuMiDNo3-ga3osYLyF9XEUW882L8Mn2bUnqwgaEnRpF10
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seFMgW%2F%2BRmS5e15HCAJlzdBaQio7WCLUkpHbR9naRUFTT%2BgX4aN0D1MsJE5F9p4KYVC0U%2BNcDIg%2BbiCsMNVYTOItJlXW9HAMcmhFxZHc0Zdo3z8fqrH2SKDQ7FeMG0xQtxX1QSP49iY5VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803f2caf2d514d64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 850F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPxaaLHa2vOzo0fBXXSk0wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1

43 B
742 B

57ms
56ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWuZC5lmHKUqv6QclKb6oV_KXYg8__Px3a085SwJ0qRQsLHEiIclWO2Kuq3NFmxMEcSFa2oj283Z2-pTqyWdBqtmWAGcCvrqri-QDCgfdj7rJZrGOprUoFLnuJW5Cr-q7654nwuMiDNo3-ga3osYLyF9XEUW882L8Mn2bUnqwgaEnRpF10
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vurxyIcCSqtTpaYZxRqbtWTePiUt11X2qr7wIJ8fSPmjGNI%2Bf9nsD1Vw2IaPzLW4iug%2Ff%2BzNT1LW3ccChoqzk%2BEnwuYz%2F2CI63jqwb%2FaEHYcht68%2FSJV5PFj%2BEJD1eAmV%2BFqy%2FPPaP8b9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 803f2cafadd74d64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPkS4m-ocfqzEFAQkWyiXog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 850F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

43 B
836 B

67ms
67ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWuZC5lmHKUqv6QclKb6oV_KXYg8__Px3a085SwJ0qRQsLHEiIclWO2Kuq3NFmxMEcSFa2oj283Z2-pTqyWdBqtmWAGcCvrqri-QDCgfdj7rJZrGOprUoFLnuJW5Cr-q7654nwuMiDNo3-ga3osYLyF9XEUW882L8Mn2bUnqwgaEnRpF10

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
an-x-request-uuid: a1bf11b9-45cd-4f4b-b13d-78e0f930d8c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENXPaMSxSSuXVYyiWm6F-o8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 850F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
an-x-request-uuid: 34736940-f0b5-4eb7-943f-ec694230ad10
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg4MjE2MzU3MTIwMzQ3MDczNQ%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B95 22 KB
8 KB 102ms
101ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 526436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E305 0
20 B 191ms
191ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=502018079686&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E305 0
20 B 191ms
191ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=502018079686&version=m202307240101&ct=77&x=1&cor=2125282083045135000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E305 16 KB
12 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAABWs2Ji0vopZNDpnw6W5tBLUADCKUcmABZV1GCPlrwOYGYe11Jb0bvZYromJpX_dZ8HPQRp103cBMOgsq7fyvaK3FUxIUEYEM9K3T4in8qTrzLRUgfYRIKEHqG9dc6B5b3_KVB6NWBkKiXs7rjv1_aky3CpP7xU5LOTBF2ZHTJivyec&cry=1&dbm_d=AKAmf-D8nmcadqzS7NXfZoQ64fQEuRayw6YQVoUYraTgH8OXzvgnkr_IO7pOXLcsEyom3133JXzGfNm-FzP-7rC0d75ZOFWbNigUDuCxWNUembRAJ-j5N4eZh5HMYVoGp1U6YNdqTNyl5Cf38O6A26VC06U14pSHl4-fQYJezaa2y323UozgH1E2_UTgODwaaUlKAVN1KneIr7GtcsoiYmstSU1BhuhOGFcwq6Nm7nUtb5VUbAvVFuqAQaz2HNrBVniXEZWCQ3HKOgCMjaVm9q2rRxn4nLd7WXLC97XyHPUDEaqyejDMLMM1o7fyhBlkQymt2i0hXggQTqQ_f1ZSxKAvCAxbVJbX0qjKoh_taFQFpfRBuvSEvYfeSullhAHnlcwuMf2fa8D9JR1pgZm6vq0dCxL-3qSje_V8sRYWAHZ5cny6fQyPjIqB8NaixTb9kXyifwhfzOYjzhycWRGClCAbfXuI2vAwqVw-aIAtK_bsvheNAsg-v1e5SVXzXIKfEW0bYWXY8nWciLYGA30bVYjRsr4sc2kpujWLHgP2vxIMKybzXTAdkxvCrwsgQE0PNqUw9EZ_tOL1ewsKEWsuGIFfVkhcFKfJb3QN7j3eP7DjpV9cfPG2_Q0XAyVo0sS-rAwHiLSacthdZLkG8rdOUXUIEmsh_XRURwGXvTSas9Ml2aW2bhM9QGXnybaTRFiDkl0eyyoT6PrCfUvku-KbJTAPgwN8Vw2UVc1L8mdxLvBX6KxRewcwX1dO3HF1aPO75AN79xQdMrkGe15AMRPhKbDFgLaIWrVXTUkc0xOOgjHnYb2J_zj_oxA92lYMd5a6BeFIzV3l_4eZgSjcZj1mCEHLQt0DJ5op6vaeGwXYJpODDXoQdpyUgsn8JimIZNwxSPYY9Dbb953cH7UQMpwqjpQq6UwCZT2Nqqory-HQMpqJpdYkHfMJ340_3cH6rSrn5jDEOM50q3VZlUfLz-sQPE2KWi7y30JmiolDn_wtMTa-3TrBh66YPfbgcPx5Cro8VBaER1FEh22y4GufZfJmf1wx7dKsxFyVJ6U6kAFQWsXOoPkc_hexnj7x7AF05Y_5nRP1g3u0s-ECs2t6eNXeKyxjBc0uvMU7ADrPgLeWZL8KBISportesrShHrpNaRb4tqUMhqea_sGhPQRQMDiuBRkJoq67R9gh6BeYOoYzTAPHtrFlIvZ_NHkwcO-gpwse9KPW5i7olmGnnjQI9AI4o4mBLGb5zteY-jYlJ6WSLf7fje2Ih-w-iZjjfvexEKxGJBi1edsgUB5ortCVvyMsKE4_Q7kzqZLS7zizMpQjMUockkXM0fs1Ry7PXyRe0IXExPKjQwBc0hzfnnXmFsG5ra2F623xnRVexOasspUFpI6cuGHpUdspj1o8o1YTn1yawRXIWm5SGN2maqsDRPE5JUcxOm1JFOQaMSuuaMEk-o18-sInPh-mXE6ke-Zvswt_PW8e2VcJx3J2S6-CiSvbDtHNEFJxvacOU81h3RO7NOg8V6QBp4mPxGYydKd1YFTfl402cCKJoze8LWLIWd9wMfhdbhcuGmijMK7A8Qfi4iyfS0M1tiiOEPCaRAJDJzl9ycchdRLrMlHhjCa-xJ-afZFDBu_k6k8Yr27tOhHjb0aRC4kAre0WGR1DCw6Wbo4kdB7EOAzcSxAJoDBsikeNQ3vKECUni1Nn381mSBbzHVATDUFlS8KYSaEAn0AIlujZYeQT56OPVMJBuhd3PY4pdBQCduoZJhxOEBqIDYcbLaYppjCE4Jn_XmiD7n2hlkh7-vjTqYJahh-GRVzKTvN9P0Q0YJlRFGMEkYCujXt-lM-Gn_TQcaeaeJGAkzbCueM4rVbLGSjsyiEsXDgnV4BA40YL9UrX7MYfYaKT6CrLGCGo6UPCOOtr1RtN6PKNROOXX38TPnU8cwbWlFI1dqz04GDEzaLgD4a5IKzT5z8VS-gJVkR5fnH6PzLk4JQIy8xISt3tVGOaDDaoMyYM5pvsGpyImD9DEWbtO68I3ycbovzhdIF5S2YQ5Z3Cleb4sV8TxIJCg-zVHQbt6VTzf-ZHcqDVCQhMiOozSAbL4p7aSMS2kFrOYQasCqRAvmDOgCBBs_CmgsAATS5GbMlrgE6b9VOc8tsx4N5nHERVOe2bw9QXUHVPe3dcsUKZ35U8B9zAGD3GDiUju7UO7PaloR1HJ7ryTt5FckbZ73KuicOQ3Y5mEZE-wfAQSr9KJZ-O6AetZzq7ClnLG4yIchWClzIrr7-IFT_PH2TIyTWj6IlH2j9VVcyRwC-VNvGJ493z02XhAM12t5MBnsx28L4GcgRIqU63sBcpUGwLskPa68V0tcot6oFmZYE6CxI7R7PKG04sNskSNGZoI2aH7YrQcAvINmgXgBmjzHIxvAQZ1rKkkBNnaXa6TTN6P1ah9RpIVg807nWiQcxc0AfG-ai0w4ZicOSUJbrrd5rsfQR6IIxYaq_neQxhRhKbK3Yiml0SnY17wgHNxwzNcPr_sCpPtkF3VFxv7sDgpCnC0tKu5f3M61w41Y6e50OVRADkX-KT7JO93jA9GNkZ3NKhynYX2jD0InhplQ9TeTLqMYtjBz-1b5p4anO4r1ZwvxjtbKh9_pdgBVkDl9IgEwTseI0Y-63Yok_3PIxCJff7avYK5qvdo8M5ugRh3_KzddkySZdez46WPxDL6QrAwiTYU6uHeyyXGp2ZZp97JAoaRQRoRH9R9PoR4gMuS-JV3hOCopNYSwPTwxyvCNEJNSAxjbAm7LDmK5QbLyXo9kKeycyh2q4CxxRCOKyOGMssO_XRsFcaPulw8lUsnUwcXlcmfIRsBYGHyzEz2rRpQCshlZSdthnbOJuqQXFNdmVT86CIcKKl5jcxDvMvs1AeL-L37SlRdHhFx_nb6Db_9mBJmLngekfN4-FZk9Isc_CJBYD8WDHVqSDo9cajNuHOrs1hcIAfxaDdHevd5sSTcf5c-Amp_LRpa894M8BOlFWOYsTYQLHanz8xTKlDLpo9eTqV0Bm6UvoAUV5azpnyUgbucW4jU6QlTvv0ac8DUrxLTufvypyP34FjEf2EOU4yAPzY4GQ3DBO-Jr20K7F6z2F6HdGe1M50m2DjhS_VIRDndSN58OgRurZCAJ-rJ2TvITWZgEieg7d3kpiEuRGhS3tBd4YtIrow-8A7h8rc0gZnkB59UFH-DjJfPvxSxqvKGKgNcVZaznuV9ouQGOZmjSTVM3Z9NlW3-ODICK-CmmzdRWEOajN9t6fPmAvhTSI1237ZjmkYuG8BzKlG5XBKIR_EWPmR4X2IcKAaxjEECS3HTlMEWB_GqdiZamNJ7s1fmYuN2HzTDjPzlFfrH6E1gZcPIm-B0HCOB0yD5ciZnBP6NCKEX-pf-bJNKU6BK8b7FCO-CZKEU5uCwFDmlLeG_LamyN_Xks-_u3SGuU-qLdzuCZcQNp0INr3vQFaqFNAZwufZZzxNgsZ9x6BJdkRWCg7PnmHD81-lqsdoPhWJzaKmQkvqd8yfiGXAxqmJeHWXLjcbREKZnUUNsAQ-JhvnoIYYNZ8mT_cJzr9oPeUOwWTYZJhmOvgbw4-l_nOpAF9pfGYftNvpZd-5sw0LOKjh_91godJbqE_Ta-XgeE2w6FAbQUcqRAM9SquX0EBKkr8ZXDRue3lB-0uuLJbq3N9Wf7HGYXdCtTGtqdjzWyeIJ1A8y62pnkjNV-Rsn9Z49yKQRfVSEEZFl-2IfLXOJum50xZPMF7Hq-H1_QvwMwmER7UvEm10g9WwrvMb2vmazFxrjo0cU6FcgrKZmKyaXR-zNqWxxwlUvJwEPTbaGbkPL0aG7RwzfkOqJgcfYsoInNwSqDciut5zS6FkqnSjhj-Vq9RKbxoyZkBbAiRtlZnh58hColPVzI0kdAMWxNcTCDYcJ9Nyfy-5sSypq9BeXptFD1pNvu1FFE6HAoWQ4AFYaHxlh__SISRq2WSVEk-g96b5dBcgiKGtjlNZsNmoGR1T0CCzLlfEqPGBsAlOSxKSg55VC_3OpUInHR6V6eHX-YJxSogtX5sAgdjObzd1ScVYQaSoQofg8I1wkpI9YkQXPN42ep6-FVs2SIaL49Ej7QunyTC1Y1fGR8Jewbddm9YWJfX2UhGz3lhvyagRWhCK79njEIMj7gkehkLcGpmYNBxLusUhmF7c8SHT_MhhM9cDbTlGn68OqT8rxAM4yc3eGZqwz_UXlX-Q1fz_lzGwOURYGxBy&cid=CAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=2125282083045135000&adk=3690638929&idt=122&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d7ff6c7074eae01ba5064f83e28614b64f6b43a6235263328818239fb8db2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11879
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6EB8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

53ms
53ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1925
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

55ms
54ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8772626124427775177
tpc.googlesyndication.com/daca_images/simgad/ Frame 1925 64 KB
64 KB 40ms
40ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8772626124427775177

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e86d3b6c6ae23697dbd93ea325bd93e34258532573a91bb5620042e275e9272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:24:04 GMT
x-content-type-options: nosniff
age: 22772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65073
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 11:23:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 05:24:04 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1925 3 KB
3 KB 44ms
43ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:15:22 GMT
x-content-type-options: nosniff
server: cafe
age: 52094
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Sat, 09 Sep 2023 21:15:22 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1925 344 B
368 B 44ms
44ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 12:49:12 GMT
x-content-type-options: nosniff
server: cafe
age: 82464
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Sep 2023 12:49:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D673 0
0 78ms
77ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOkribXmpc5hJFZHqSgwao4rlPE-YDFVxX64OkzPbJw7zk7tV9ueHJvg0fDxWhJ-4QaWqxrV6U8IwHINqBYAdETZtNilxpmwtsmBtlWcrozZrnFHw_94r8XurT-zQq4p-ReNELdA_V33igDwUBD8KnPj5n0aGInjCDYY0UIVuVwluDEOTUEKzuGucs_wLuZwgVz_QIYbMrNSnpIVhMvYvcNFe9MybDKeJZlhxV9lulVOV-uiWjVGV6akCktN_y2xdLNRN9fbKeIagH7aGlaSSr2Z99cI3RLYwHxhhQXbeUYOHMpr7iEH9XZVfrsFwK81maISbXF86KL84KC_XtE-63fUr6heJtg16uHwog5vNjWCTQNp9-5CyCDD1O8pjMoa2btcosxwr5-uiVy8dvNd1WOayLTBaYUkoETkTtzCwHensYFkB5_bJepHa_PpQ0O9N4T3UNBKnht8PCgVLVdosR9q7KiyD9yEiD_DS5Wdn7IT_FAO1HTA-3NtHcXDbbbilW68qHZHgCyvsSr0bkGJkZYu1rBYd80zoBtSpcKGkSY6j_80CoDuvkZsNLykWH1nEN3APaYCEc_MdDbi4z3GxW9uL7hvmdjDQThnAVfzrX_64fbo9vrCrKKMbymvN-huT6OtZQ1BsmIYsaJKQ-DWM3EU6oIAWgUJzPMxRpeJRKN9JrV7OAHZnBshkwqxTt3LPJOSxGYWITZUKUf1nSwQvyA7oMxpX8BnqzY6AuVKHDMTDkHacH84p5w2ReNypz0mYXqf6_eoHUS21YTjVrT14PilGrcMtgHybJSd_lK7_7gwfmJqgl4E3yYMIRr_xkSU0YFrtxo6qVC9ynalUVaO2vIJLkW9DoMHaxl0KGkJBGfhFLrJ3vhVhogYkxmXHa-DtKAZ7MTWnecNtfB9eJ3aripFOMnav4Da0Stof2XGVTpayaWp2RUiZREcHK75yb25pAP0W4pVNlNTmCLsSHN5VZQym5pmYmAbWYgYZ7HrVHMW4lN0mVjTixMVsJ76_LYro7EtBLI95zxkmeRabONbocsYhc8sDDGR8-M9SApvYMyoXrBSBaroHvfgnSoZL4JYJBe1BipPKjIw2vpWq_M6a88Ri045kP6U6NFs8xPBG-9fqqs8O_VbEnw0GvaEEoUr3NkkT4vxF7PXu9BjXwrJ4wuT8K6Ie2yQH65-rwqd-qObm6YFVVuxVZ15OBKnBR1LhXWLd-9ObIOA6BaDQnSibOhUlEv6NUYr4sLny7HVFrX4ovirKSgz5Ax-rP3Oz4RgE0H9qRoS6HKd49kFxbeRjJLO4GSXwAD7zyn1IEgERgTEDIDVJNteuD6HsDBZlAphyExh8pRKYUUS6Lgsaa0wMKqMolh8UJRCK2HNzuzEEmcISsT8OhFqdrxAk1KJaW1aQTgfULHw&sai=AMfl-YSkufX_yKXxFsqiGqG30UjGqNsaNWEX0QcM_cprsNPI8uQScADwPwW8IcStAkj6z0rzt8VdQadD9btFdII6Uj08T03Os79KaTcabLsPb0fNxFC4cVVb7Mh9IUSljcVF4-GmfThJioJHwmhKtvT_eLYU8HhaGHLNSHdzeZuAgCyYmiz0V2Vj1oPIKvUO7NY7NWXUIW5xMnggAyvkXOw-nMJ1PmnVDH_RklSqClXJNsdQ8lHw5KZnSfXq1bUA9GJFNGJIhkopZPoSHJTPcA7tC7sMleKe7Hf7UvjBbKloJguCaZoR7C-IXeHF&sig=Cg0ArKJSzP3_saJsg3KxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=306&vt=11&dtpt=304&dett=2&cstd=0&cisv=r20230906.29993&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Sep 2023 11:43:36 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 114ms
114ms XHR
text/plain 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/1H3UH/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 09 Sep 2023 11:43:36 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B95 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 14:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 14:49:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E305 41 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAABWs2Ji0vopZNDpnw6W5tBLUADCKUcmABZV1GCPlrwOYGYe11Jb0bvZYromJpX_dZ8HPQRp103cBMOgsq7fyvaK3FUxIUEYEM9K3T4in8qTrzLRUgfYRIKEHqG9dc6B5b3_KVB6NWBkKiXs7rjv1_aky3CpP7xU5LOTBF2ZHTJivyec&cry=1&dbm_d=AKAmf-D8nmcadqzS7NXfZoQ64fQEuRayw6YQVoUYraTgH8OXzvgnkr_IO7pOXLcsEyom3133JXzGfNm-FzP-7rC0d75ZOFWbNigUDuCxWNUembRAJ-j5N4eZh5HMYVoGp1U6YNdqTNyl5Cf38O6A26VC06U14pSHl4-fQYJezaa2y323UozgH1E2_UTgODwaaUlKAVN1KneIr7GtcsoiYmstSU1BhuhOGFcwq6Nm7nUtb5VUbAvVFuqAQaz2HNrBVniXEZWCQ3HKOgCMjaVm9q2rRxn4nLd7WXLC97XyHPUDEaqyejDMLMM1o7fyhBlkQymt2i0hXggQTqQ_f1ZSxKAvCAxbVJbX0qjKoh_taFQFpfRBuvSEvYfeSullhAHnlcwuMf2fa8D9JR1pgZm6vq0dCxL-3qSje_V8sRYWAHZ5cny6fQyPjIqB8NaixTb9kXyifwhfzOYjzhycWRGClCAbfXuI2vAwqVw-aIAtK_bsvheNAsg-v1e5SVXzXIKfEW0bYWXY8nWciLYGA30bVYjRsr4sc2kpujWLHgP2vxIMKybzXTAdkxvCrwsgQE0PNqUw9EZ_tOL1ewsKEWsuGIFfVkhcFKfJb3QN7j3eP7DjpV9cfPG2_Q0XAyVo0sS-rAwHiLSacthdZLkG8rdOUXUIEmsh_XRURwGXvTSas9Ml2aW2bhM9QGXnybaTRFiDkl0eyyoT6PrCfUvku-KbJTAPgwN8Vw2UVc1L8mdxLvBX6KxRewcwX1dO3HF1aPO75AN79xQdMrkGe15AMRPhKbDFgLaIWrVXTUkc0xOOgjHnYb2J_zj_oxA92lYMd5a6BeFIzV3l_4eZgSjcZj1mCEHLQt0DJ5op6vaeGwXYJpODDXoQdpyUgsn8JimIZNwxSPYY9Dbb953cH7UQMpwqjpQq6UwCZT2Nqqory-HQMpqJpdYkHfMJ340_3cH6rSrn5jDEOM50q3VZlUfLz-sQPE2KWi7y30JmiolDn_wtMTa-3TrBh66YPfbgcPx5Cro8VBaER1FEh22y4GufZfJmf1wx7dKsxFyVJ6U6kAFQWsXOoPkc_hexnj7x7AF05Y_5nRP1g3u0s-ECs2t6eNXeKyxjBc0uvMU7ADrPgLeWZL8KBISportesrShHrpNaRb4tqUMhqea_sGhPQRQMDiuBRkJoq67R9gh6BeYOoYzTAPHtrFlIvZ_NHkwcO-gpwse9KPW5i7olmGnnjQI9AI4o4mBLGb5zteY-jYlJ6WSLf7fje2Ih-w-iZjjfvexEKxGJBi1edsgUB5ortCVvyMsKE4_Q7kzqZLS7zizMpQjMUockkXM0fs1Ry7PXyRe0IXExPKjQwBc0hzfnnXmFsG5ra2F623xnRVexOasspUFpI6cuGHpUdspj1o8o1YTn1yawRXIWm5SGN2maqsDRPE5JUcxOm1JFOQaMSuuaMEk-o18-sInPh-mXE6ke-Zvswt_PW8e2VcJx3J2S6-CiSvbDtHNEFJxvacOU81h3RO7NOg8V6QBp4mPxGYydKd1YFTfl402cCKJoze8LWLIWd9wMfhdbhcuGmijMK7A8Qfi4iyfS0M1tiiOEPCaRAJDJzl9ycchdRLrMlHhjCa-xJ-afZFDBu_k6k8Yr27tOhHjb0aRC4kAre0WGR1DCw6Wbo4kdB7EOAzcSxAJoDBsikeNQ3vKECUni1Nn381mSBbzHVATDUFlS8KYSaEAn0AIlujZYeQT56OPVMJBuhd3PY4pdBQCduoZJhxOEBqIDYcbLaYppjCE4Jn_XmiD7n2hlkh7-vjTqYJahh-GRVzKTvN9P0Q0YJlRFGMEkYCujXt-lM-Gn_TQcaeaeJGAkzbCueM4rVbLGSjsyiEsXDgnV4BA40YL9UrX7MYfYaKT6CrLGCGo6UPCOOtr1RtN6PKNROOXX38TPnU8cwbWlFI1dqz04GDEzaLgD4a5IKzT5z8VS-gJVkR5fnH6PzLk4JQIy8xISt3tVGOaDDaoMyYM5pvsGpyImD9DEWbtO68I3ycbovzhdIF5S2YQ5Z3Cleb4sV8TxIJCg-zVHQbt6VTzf-ZHcqDVCQhMiOozSAbL4p7aSMS2kFrOYQasCqRAvmDOgCBBs_CmgsAATS5GbMlrgE6b9VOc8tsx4N5nHERVOe2bw9QXUHVPe3dcsUKZ35U8B9zAGD3GDiUju7UO7PaloR1HJ7ryTt5FckbZ73KuicOQ3Y5mEZE-wfAQSr9KJZ-O6AetZzq7ClnLG4yIchWClzIrr7-IFT_PH2TIyTWj6IlH2j9VVcyRwC-VNvGJ493z02XhAM12t5MBnsx28L4GcgRIqU63sBcpUGwLskPa68V0tcot6oFmZYE6CxI7R7PKG04sNskSNGZoI2aH7YrQcAvINmgXgBmjzHIxvAQZ1rKkkBNnaXa6TTN6P1ah9RpIVg807nWiQcxc0AfG-ai0w4ZicOSUJbrrd5rsfQR6IIxYaq_neQxhRhKbK3Yiml0SnY17wgHNxwzNcPr_sCpPtkF3VFxv7sDgpCnC0tKu5f3M61w41Y6e50OVRADkX-KT7JO93jA9GNkZ3NKhynYX2jD0InhplQ9TeTLqMYtjBz-1b5p4anO4r1ZwvxjtbKh9_pdgBVkDl9IgEwTseI0Y-63Yok_3PIxCJff7avYK5qvdo8M5ugRh3_KzddkySZdez46WPxDL6QrAwiTYU6uHeyyXGp2ZZp97JAoaRQRoRH9R9PoR4gMuS-JV3hOCopNYSwPTwxyvCNEJNSAxjbAm7LDmK5QbLyXo9kKeycyh2q4CxxRCOKyOGMssO_XRsFcaPulw8lUsnUwcXlcmfIRsBYGHyzEz2rRpQCshlZSdthnbOJuqQXFNdmVT86CIcKKl5jcxDvMvs1AeL-L37SlRdHhFx_nb6Db_9mBJmLngekfN4-FZk9Isc_CJBYD8WDHVqSDo9cajNuHOrs1hcIAfxaDdHevd5sSTcf5c-Amp_LRpa894M8BOlFWOYsTYQLHanz8xTKlDLpo9eTqV0Bm6UvoAUV5azpnyUgbucW4jU6QlTvv0ac8DUrxLTufvypyP34FjEf2EOU4yAPzY4GQ3DBO-Jr20K7F6z2F6HdGe1M50m2DjhS_VIRDndSN58OgRurZCAJ-rJ2TvITWZgEieg7d3kpiEuRGhS3tBd4YtIrow-8A7h8rc0gZnkB59UFH-DjJfPvxSxqvKGKgNcVZaznuV9ouQGOZmjSTVM3Z9NlW3-ODICK-CmmzdRWEOajN9t6fPmAvhTSI1237ZjmkYuG8BzKlG5XBKIR_EWPmR4X2IcKAaxjEECS3HTlMEWB_GqdiZamNJ7s1fmYuN2HzTDjPzlFfrH6E1gZcPIm-B0HCOB0yD5ciZnBP6NCKEX-pf-bJNKU6BK8b7FCO-CZKEU5uCwFDmlLeG_LamyN_Xks-_u3SGuU-qLdzuCZcQNp0INr3vQFaqFNAZwufZZzxNgsZ9x6BJdkRWCg7PnmHD81-lqsdoPhWJzaKmQkvqd8yfiGXAxqmJeHWXLjcbREKZnUUNsAQ-JhvnoIYYNZ8mT_cJzr9oPeUOwWTYZJhmOvgbw4-l_nOpAF9pfGYftNvpZd-5sw0LOKjh_91godJbqE_Ta-XgeE2w6FAbQUcqRAM9SquX0EBKkr8ZXDRue3lB-0uuLJbq3N9Wf7HGYXdCtTGtqdjzWyeIJ1A8y62pnkjNV-Rsn9Z49yKQRfVSEEZFl-2IfLXOJum50xZPMF7Hq-H1_QvwMwmER7UvEm10g9WwrvMb2vmazFxrjo0cU6FcgrKZmKyaXR-zNqWxxwlUvJwEPTbaGbkPL0aG7RwzfkOqJgcfYsoInNwSqDciut5zS6FkqnSjhj-Vq9RKbxoyZkBbAiRtlZnh58hColPVzI0kdAMWxNcTCDYcJ9Nyfy-5sSypq9BeXptFD1pNvu1FFE6HAoWQ4AFYaHxlh__SISRq2WSVEk-g96b5dBcgiKGtjlNZsNmoGR1T0CCzLlfEqPGBsAlOSxKSg55VC_3OpUInHR6V6eHX-YJxSogtX5sAgdjObzd1ScVYQaSoQofg8I1wkpI9YkQXPN42ep6-FVs2SIaL49Ej7QunyTC1Y1fGR8Jewbddm9YWJfX2UhGz3lhvyagRWhCK79njEIMj7gkehkLcGpmYNBxLusUhmF7c8SHT_MhhM9cDbTlGn68OqT8rxAM4yc3eGZqwz_UXlX-Q1fz_lzGwOURYGxBy&cid=CAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=2125282083045135000&adk=3690638929&idt=122&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame E305 12 KB
4 KB 140ms
40ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1694259815929525&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: da39be4ccf0e65d7d736a37e5eafa88ea81ca31b4563dcd1f5b728934e9fb6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4224
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 593C 22 KB
8 KB 45ms
45ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 526436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js Show response
pagead2.googlesyndication.com/bg/ Frame 593C 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3m8HFB-ShPtDzcYempcQY_ASUwv-AHBHVawPPC3Nvm0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14740
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 06:26:29 GMT

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame E305
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

200ms
120ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9adfd6f134bc748486c8068d11b0bdf429be8fd17c936d61f01ce7e920b34a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Sep 2023 11:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96112900046186404444554012442011
Connection: close
Content-Length: 1356
Expires: Sat, 09 Sep 2023 12:43:37 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 09 Sep 2023 11:43:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 09 Sep 2023 12:43:37 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B95 0
20 B 147ms
146ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdKWCaFr8ZMy3GfKK9u8Pm5mtoAQAAAAAOAHgBAI&bg=!g4ClgM_NAAa6D61Rmg87ADQBe5WfOLrt7-_YgMx5zldfnGM-H1YywU-QVLGcD6V-LvrHZj-s-p4unPXh78JNhJIMXVhIAgAAAG5SAAAAB2gBBwoAd7xZRYUjBNhKHzkRrbOhnsGHkwmrRJuEyr6L-UbX6hAZzvJ9ZYCZ2TK4Fn46DLYXeLkaPemKJZ0uzLcNsTqoaEo2wF5ncy6D0P1hNCrhyD1bfCbGj7QmQJceKgNlVIFSOJ8BXP3QwEYLerk8WBy3iDcLLjd-OP7GmQMN4ZbY_teeE6Baqu7OEaDjJZLTfCCLGdpkw9xWJ2TdPnonqwlQdu4taO3KEFN75pIJp60ZSC-DNdZK-yz41QY90HMQWGsNlevoozQGNbnD9RvHHB0O70MRc7p5d3KyXFGO09gWHuKh_f_xyN4cWNrKmZR99_SXLymJyw0B5JgVU-4BRvcl0gu3PCKOUQLIl0urhTqKsnwa2wIerSNhAWp6On6yNbQJ0CeYWcf1VBVdUylPi8FccKz_hj2kBj3vl-Jqr_LCiubHy_IgWbdQqSub2dLkTvj464X0W3WQOofw2UuC1_fFpBeXKMO7QBELdhR0HT-R8lXWkv8HGgF1V3wFDgcN9Q4oOW67VK8ystYhqKh3KAACHb05lOin8kpvFa2sA_zUW9LaDS2jdMb0RjpTlXBo-pGItd9csklvLwRbDjY19rnri86BbE30rVPeRcKrROV1tNoamCyl1jQsT_WrcTBt06lXwAMa6iwMv9-hm7YAxOVWFs68FAmMiAf0eVrRC5GghMy4Sc5fvrY6_zqoX9syWkfdaFflHzCc2RhcQbXsQecyAQtu2_jNOch4OHNr-RB1_vXiLOuCnTYxB3IQqWR_WHKQmvUXpIyK5PHggwkx2rzCkR2thnCmG7CV29XnrHmbhbS1sokeneuFKhWXL8qnAq9yAZe72Sak_Ot6Yk2QMp6UJ_gwlQD4VS2e3KR9R2YLAu7_SbWJ53uRu3NekgIjl8ikdy_hBc2lIDw04GNbgSwpAIgwzzJSeH7a5exPQ0i1AQVtib5SiafqOQ8gb8W37d2l4kalM6IP-biae1xmv_UiRqFcfV397E_oL2i6__3X0feAC57BfxYVNzZRSVYPzrQRtJyURC907UqcsJTz4ixFP11HF_84-EHXV6varBauaILnlae5bZqDdzmzX8h7lfEtW4yy4-nHuo07ac1XnzZIE-huWqduuv62INJLGUN4Pl1Lfp5XstIwoDb9a2t96k4lcahkcPt9r8fZV9yP2EdzouckiXR4gXcULYncbw0inEOnPxip_9Smpg

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 593C 0
20 B 147ms
147ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoB7XaFr8ZN2IM7WT1PIPpbyx6A8AAAAAOAHgBAI&bg=!8POl87zNAAYoa5rMCGs7ADQBe5WfODQgOnnDeZ75mI8t5hyonho8gn2DaUpb2GDMcwRIL5x1NlXvr3DHZQB4TKFuiE66AgAAAHhSAAAACWgBB5kC_lqXO5S_noS9Q6qlOv-KQ9eHKN9nrnX1RgVvdRsx-F2cEyUQY7QQJZEutJzcITTiO7IaSgrcuP7qJTEnuGxe98lYA6WGJuA1YdGRzUH-Imv0DlpI4wP_Oflep--TcZ1-gdzI5CM0CmGQTpcAqnby0lN8Q5k_opk4BLmXoKXf81-ntY57qFZ7iPkpvI2rrDRosPI-0noy4vziOXH8cOTLBHWZjtQ4xIaznFx7WLlwyuHYL60_61FrwyrCYvPoWSdS-SPZrMoJNhgz81jEd5S4isCNOeiQ9Y8DMxwXqIJa-9M9bhZLF3Z6Jc3AYUFs5j32561FIDP2lmlaJcBwpR5mhONzHNcMNWT7ol2HkP939l-AQsTlbdjWpRi5Wjxv6nHLIQb3MTiSQYciBuq4gMv6HJTUWmHW2caobyJvKbew8EHo35oDxR6AoSdVCQo1mYDgFNYLEugsBch2Mo4LVI0ZkzBymr96264b8f1wDQ0ovjyJzkRxEGj3m913M3cAgcf5Pjy8xpijTmuCCn3Vcm9Ob4PN90Q0u3wtLyJXhrffFZCVK3nKZ-0bFQM26VKBtZtJObMDpcAyGAksOj_G1NKEQQJZrXoszhetRUnQLTR60IC-8L-5ZOFsV-ISY4-iep76r316ecxnRYC2h3R_eOjVOB-6MJggYXNNXOeGEgahN1uAkQflz-Xy2AXGP46JVXJG7JzrK9DHKt46XOoUcVz9_EqmolvjWtXOs3pDIKm_0verjzrToEAmooVSoogo4eanCGAhwUqOtV2Vvlh7M5WHvKjUoJ7c74D_z3-M8GEztD_zDbAs_oByCMWiR1YX6cfQK_IfzZDNUF8HuNQSvZ5fqKIIsrjO1PrdltMRsnubbGg6PDjToM3p_k-4NVn3PS0qr2UDtXPZkg-OfwH-dklyztfdpk5M4UVWr7yfK7f6H4XPts7BSTScYcdwZXQUA0dlVjorf3yR--OpQqo4E25ZCLJfnLxBE8v2EEGZ5pRgGmT7Lq68P3AgVsUFO8XLTqY

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame D42A 930 B
931 B 161ms
42ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sat, 09 Sep 2023 11:43:37 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sat, 16 Sep 2023 11:43:37 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 997A 0
465 B 161ms
75ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96112900046186404444554012442011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=096406a54f&subid=&uid=5ab1635c214b3317&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUGPTZ1r8ZPXdOPqJ1PIPrLuAiA6m5b2gaa2VnKfJD_AuEAEgiNmzmAFglcKmgrAHyAEJqQIjJU6Pg_OxPqgDAcgDmwSqBIUCT9AJGXc5hoo6HMU-6D_VFeQioxZqlo7_WMLgJ_f2k4svjwTF300KVSbt4W5Re0Xv-rN-7fLIC5mjGMXfAdxz68yYZL9fzH7ZIHf1R98phXbZJEwx_2RMT5Gx6_ZQy7jrB9_lmr-kbQBc8e9vmg4oPQ5h2QID77b2GdZmeRbjHjsichDBLXaTSHXyIviScfnKYkgNHrt1vWOge6Gcd-0mQA22ahNKvJpNqunCQCKd3BuXDuNpKSSADTF98HpZw4mNCRoAyRNN2oj64Mo0NSfiMR-JbEDrCy_pLVk5O5DUbo86hdH53CUU5l7KiZfWsABNRCfr-WrQPqHkBBvycgpFj2VbRxP1wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIta3x07mdgQMV-gRVCB2sHQDhEAEYASAAEgKPnfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB%26sig%3DAOD64_0N5HeJz3B_BIS5TpFDUkJcQEWCKg%26client%3Dca-pub-7005813411879006%26dbm_c%3DAKAmf-AhCkRH-t5NN52dLLOYPUbNfENVtmSIy3fgzfsG0RefoXXr_6ucupFALp_S_KBqpUSveLKn0TOMRBP49HStdaUTElq3sOBPibqUeCjP2zJlJRImeCmCjihWVztRm9sUiFzA0nLF_ZGEjj3gRP-X5y9U016EBWfG8bNyVa8uQ5-R8Rb9dqA%26cry%3D1%26dbm_d%3DAKAmf-AnjChRqn4VYF9VOHujF2X76hPRPHQTlQtXLKCpl_EIRhGN47Jqp0p7wFEbdZU11hrrJDaAVTgLXbgEehpyQu9bNxo38ivTANnDB2NAP-uxNg1Vil9i-ewaDpaUO98VAZlb1q-SYq-FZNdeDv5n26wP-pDG5uOG3L7suXSTPRPL9lNhlGIQ-n0rJ_yyw2wi48N9S2qoHb9cp07d6tDLiTrGSq6vHjeVKh3ZOvfrAUe1c2WilAooKEn8_5vahZJFlpY1wyneSQp4Pf4sqihh6VgjIlbVyQxW5HbCH_LJrpwtQj1iOsrVH0mEYy36O3wwomv6clwXy7n-glB_Qro53saKOIhpWXLegWN4DHWbywiRkIDMaBgp_H1q2-Me1AShomQjO8iuc0x5ZcC4_4f9ENXMV7xkEl1Cgg3t0799arJXpI6tC0kOskGe_tQNAa55uyTS-oJ8gpbU3hNgb5hy_SqS0X93PC2Q_CINOwKN_KwSdKhyWYcBmMlGCCOg8Se-hvazdR2fOzZFFKLAS1kuJSCcJ3z1xXPOS2Ib9vWl8uCDpPKFzWw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=671361045285&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Sat, 09 Sep 2023 11:43:37 GMT
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 50FF076C:C176_91EFC182:01BB_64FC5A69_F69DD0A:B82A

GET
H2 200 link.html Show response
track.webgains.com/ Frame E305 2 KB
2 KB 219ms
95ms Script
text/html 13.42.176.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96112900046186404444554012442011&nw=1
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.176.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-176-194.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f9a803ccbe33f8d1c9a7e566e63f968af2ed499fcbe977d1d0df2bfa16c53f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:37 GMT
last-modified: Sat, 09 Sep 2023 11:43:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 09 Sep 2023 11:44:37 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame E305 0
465 B 263ms
77ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96112900046186404444554012442011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF076C:C2B8_91EFC182:01BB_64FC5A69_F6A7F6D:B82D
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame E305 43 B
481 B 297ms
80ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=96112900046186404444554012442011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF076C:C176_91EFC182:01BB_64FC5A69_F69DD15:B82A
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E305 43 B
704 B 193ms
88ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=96112900046186404444554012442011&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Sep 2023 11:43:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2BFD 42 B
64 B 147ms
146ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6xj8QjuZg7UNKARVlWHkSrF8_cQTowUPUBA6ZCVyqtmUcmeYsro5IUycBmCujMtlp0TZWGcueLtEeJtSh-YAsJBCexreU17HG4grkIrZiK7lxE_4y7PFSMfbt0jwwxj2rq2tU6VJKx4nqdX5SBdkHuPkhI-pw9rrClsUKhn6qExnikGHVWaz_2sphk77jewcOsTV1UlVvM-_ddXc5Yt8KPgNXIvEye9JKyBuDzwyg9gkeJq_bKFXv6SySebWHq91IL42vnP_1kwhH-Uv2CcpGVuS0OD5vP7TtymHqJgEsbkzPCAa9bc1PY06BQGOiGgQQO59x8XABOzRmO2m3bJ8DdI36mRrYdLma-OzwtymqD3D9DayWb5dOXx7fG636f-6waoVUhlzFl8dY9cwI39XkRpIH68g755iN5NBp87lUfGKfknOm41fXBP5C7Xfa7wT9NA7JT6kvlL9_J7Gaq51AhMdghDDW_cSuSdCAIZXvoncf-bDFZUgBKnoZZg6D8ntfT8XluonWyDpK148iGEJS9v5rb5CymtZmOSFmMGlZGIA9lTmj3wfo8GEV3EhGwv-Y9JF4VxVMVKsNbXKlDwPVXV7II-3bRP5Pvf9v2gMyaMQLPtlFd3q7fOLHcgQPvoIEbxwcYzwbygfEB9oo-lb1MGEsUx9e4Kup8fRDqEe-yGe417Te94Ff5PfyRDRva0L17_SeEPerbz2uPuhaWPpEqWd8nDy1-8LPtHoatQaFDpqXyK7xz_libsHklb7zDNE8JBAmVJTNQDfReRM_iqy0SmZooG4ZmQM2EtgFmEKKPFyM5DboekCftAXx0YhjtYWAZs2QjIQvYR8ThKvTM5Pc2vxz7aIf4ugcodtzjYwILEpxZR-IdaTIUAmCkf86Gq3z5voT3GTbPb9qXJSYvIqq2lRpz_jP2_Llv1iUpJ9NU5GXJ30KM2vOTV5SbBaD6gMwOOxk5XjD6tt3XCOuW3UXzBrAgOmw9REwPsuGFtzPbTqS9XproKmHS0F-D7rh_OmhM83-66-0NUW8Ou9XyJzA-LlaeJ7JVda-UYOD9uBvUrKQx6x3_SoV8aT5e7qKnTjcSK-Wfy2lTVlYinPSZv1OASdrgN6EPUev1-Rv3EWkAIaYurRmqlCHnuanDSGpsr2xgTgrH1OIvUIRHYDc6BY57nj3yT_WPFOKEnxC9l3ZF8vGGwn2iWQe1sGGAMUb1xEVxA-FTpA9DYv_Z4jXqUh0GC4HZG_-CXmiAtez2aQ3Z-PJxQNXLVmg6p6c1FfxBanbTxv-pN5COgrjSeE&sai=AMfl-YRFHWJtJl1z2xWcytxrBQq9kLLYCGCiM82rC_DRvUaYQVa1786ksZ8cdsASpaS0FcuFqYj3RdAW_mqeE2f-j9ndDWoDIng8Fp7tMOuNHy8irkS5FsxvguWf98HL824o7jkj6ww1hUTHs8KVLZ023nONjnE8nLwi1Q&sig=Cg0ArKJSzN23-XHSEjbzEAE&cid=CAQSSwBpAlJWjBRP-vKh1OpcRsl2ZOSC6o1IsphAZHY6k0IXRG83aa3CyxECDyLItwFvXqgQqX-9iRfNS9mzlxer6kDrcf1WFcf2hKz47RgB&id=ampim&o=0,146&d=300,145&ss=1600,1200&bs=300,145&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=520&tls=1525&g=100&h=100&tt=1525&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame D42A 121 KB
46 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e72541f6a097b58b832656edae794e4abca2dad5b3a948ccfa8f68df4e4f6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47507
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Sep 2023 11:43:37 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E305 51 KB
18 KB 173ms
51ms Script
text/javascript 18.244.140.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96112900046186404444554012442011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.140.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-140-106.lhr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:12:45 GMT
content-encoding: gzip
via: 1.1 6cd1874959ee48e26855209aa18a4014.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P7
age: 73853
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: OBexxVZQYIikoOpDpQlI53VzaORxxsRybdYaTpE88-Yc7XB6acNzHw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame E305 85 B
419 B 131ms
39ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1694260117&Signature=GjW0CQF5REgs~pawuC-mNDheTL~uhkTrTdC3Fwpw553g3ZJipjRk4XqCpSVY2B0pc30cp~NGxmugaEOi4~Ah9M6YvgGK23ypZ7qiZ~Jrt1pTSpQXehMHv74AwXZGfZJ~012KRyn6m7gY5Q5lC95s2pQLCvBJcPpfaqZB7f6MJ7eVwPV5Obl1CE2qsT5cbP7Mh3tpXKXEPzYqvo27bxRM5gHWHbXo0dlH0wGNyh6zEGJgeNzUZtLklPtMYk4ULcjVwMqy9FY7n0~chXl9xHknGJ9N~7jGBxk8OXeNVN~~POoEvfv~PVUacLjFI4pFrrlTPoC5OXyKM2MKRKnTPdG14A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:44:36 GMT
x-amz-version-id: null
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 61142
etag: "70af33d70b6810475aae19743c8c435b"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 8vuTeQqq6gbZh550F7U6kWGqxhRmMAo8ZaCmI2vzqB8Xc9rB7RggcA==

GET
H2

200

activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235 Show response
5994599.fls.doubleclick.net/ Frame C503
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235?

391 B
324 B

85ms
84ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235?

Requested by

Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

d68ad167aa552236db3e2401b81072a7481226035676f8314870e5d597eb0e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:37 GMT
expires: Sat, 09 Sep 2023 11:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame AB72 7 KB
2 KB 118ms
40ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Requested by: Host: d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
URL: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cd56b986ecd2094feb3631782f64aef552aa0977019f9f5f08954bef1e1c7743

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2034
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Sep 2023 11:43:37 GMT
Expires: Sat, 09 Sep 2023 12:43:37 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame E305 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3cd0dc092ee55d5abc5d746309352bafd6f4181056685a4bf9420dc0ff98ddd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D42A 270 KB
90 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec000eb1b53a24d5f24af2685bf1ad2e725ec3da5290990cbf12d4b5cdc55307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Sep 2023 11:43:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB72 5 KB
778 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Sep 2023 11:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 11:42:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Sep 2023 11:43:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame AB72 16 KB
16 KB 123ms
41ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3b207f0782387faa4ad5ad7c0e642f22d40cc3a3e7803c99b50ad110a696bff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16510
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame AB72 17 KB
17 KB 121ms
41ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5225ce09d08da708616eff1899dff0adb0ae86e790186ce9d053fe32fddfef45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame AB72 11 KB
11 KB 122ms
41ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1d51593008d1bbefec973002d46cf2545a1f84352f2bef5be2b387e40e6b6bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10940
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6EB8 42 B
64 B 146ms
145ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut7g5c5A8v_zJDSPVBwBB_FWSkepQ7sqcxuvbngwvTsWuUYMYRBD0U7ms_tcE5R79dJuz-OWSvtBsBwuQPT2w2iv-1UTy3oV2L3xOqx1yeigHeErAOpBY6rYLck3KPPSmipCKhF2neM54b&sai=AMfl-YTOGs5ziDm1ak3gNtFd3RtDd37gTc7pJR_VZdYnQx7vZZWTV8oYKbhr_3Jz9KYaWe-JgfIYBzN0lHIPt_bgBIBOf0wkymnbjJati0wFisSQqHXpd2hfjPno9GP1xhn2wFOwIIRew-Xqq0br&sig=Cg0ArKJSzJuT_Lb0g0DcEAE&cid=CAQSSwBpAlJWKpgT66Xm31cRd32Ig89kKaZ8hUrgtW9E3L2N44S8XGe8qPaHZ0gy8btD1J6EN-bz6bfERmrIxvqWgENeXp2IFVd_tnNi_BgB&id=ampim&o=0,601&d=300,600&ss=1600,1200&bs=300,600&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=373&tls=1374&g=100&h=100&tt=1375&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D673 42 B
64 B 227ms
146ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunW5mRcvH0Ur-AqkN1RXoZGn8ZRQUvZ8DpOmrEvhoRhZHOIqGgiYgnax7CbYQmIo5wO1gy5BSGB8gsI8ITP71FIqGyrtkOijKXrUMDJu2GEXPXjTfzkCBjnAnliI1m8GoYje1nXxgJSTFN&sai=AMfl-YRyUPM7_lW1J8wI83uDzVKayslls3w95uoJAM_2S6jybstpMjzsAwgU_Ttl3PLEz2AfA_vF7hymN9bdZ0Q4hPI6tE5RWOF1HvSk_vMDg2dBLsqCYxQvbyF--bYgtAFs9NOx10htVncvm_-d&sig=Cg0ArKJSzEpt6ej9SPzbEAE&cid=CAQSSwBpAlJWjBRP-vKh1OpcRsl2ZOSC6o1IsphAZHY6k0IXRG83aa3CyxECDyLItwFvXqgQqX-9iRfNS9mzlxer6kDrcf1WFcf2hKz47RgB&id=lidar2&mcvt=1025&p=89,130,689,290&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694259815980&rpt=877&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D673 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4271966088441&version=m202307240101&ct=76&x=1&cor=15800235984770888000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame AB72 0
150 B 119ms
40ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=96112900046186404444554012442011&a=45a8a809&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=96112900046186404444554012442011&a=27644c58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 11:43:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame AB72 14 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 45531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame AB72 15 KB
15 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 115356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 03:41:01 GMT

GET
H2 200 dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235
adservice.google.com/ddm/fls/z/ Frame C503 42 B
401 B 174ms
79ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPqE6dS5nYEDFaMPogMdB0YPNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4750708292460.235?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 92ms
91ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a04328a1a3773cfa746d7cbe089bb2780bf1ea2eac904763236a3cd3a599f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11811
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
163 B 80ms
79ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Sep 2023 11:43:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 803f2cb7ff2c3732-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 11:43:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15E5 13 KB
5 KB 42ms
39ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 15:57:18 GMT
expires: Sat, 07 Sep 2024 15:57:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F218 829 B
996 B 53ms
51ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

963bee1c4f8ed3fdaebd53c027a2c4baace86fcc49a2bdd2d1c9cc46b0f59ee1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KOnJtJVxOX9KTCXy53b9FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-KOnJtJVxOX9KTCXy53b9FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 11:43:38 GMT
expires: Sat, 09 Sep 2023 11:43:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E305 16 B
209 B 95ms
95ms Fetch
application/json 3.9.77.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.77.36 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-77-36.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Sep 2023 11:43:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 232ms
46ms Preflight 3.9.77.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.77.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-77-36.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 09 Sep 2023 11:43:38 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F218 0
0 140ms
139ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=301487239759809&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 15E5 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 14:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 14:49:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 15E5 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ILCcYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 11:43:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E305 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=502018079686&version=m202307240101&ct=77&x=1&cor=2125282083045135000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 11:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 146ms
145ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=301487239759809&bg=!NDelN3jNAAa6D61Rmg87ADQBe5WfOIuNqkr1oUWa5XLcXMjjLsGGpzhJ7f_zsFMWX4yyZHYwYZFjztg8szo3nG5WzaHuAgAAAFNSAAAAB2gBBwoAc5-OZ1fELWYUqIV7F1qMvkyz_D_pKohmvxwQZSu-2ukMKl7YrZ7y4EwhVKrGA8_JZB8VvwLR3vZuVdlYo_qNCX4hkm-S7yHGh6dBC_5UlAK1n1xUPW3GQ2U6sa2pHvHoHw5hIywFzVltYWwducU-9baFAkWZAq5g66pFqnxVCj7xhtlqJRAR_JKNB_dPpeOxo_R_NgFSKWfVgYXPAg8aEHUBqFP87Q1qtUYp2e9J4Igew2SwJQrCWeYJ4D98aL85FlzEkU2CFjdp7Gh34Gf5J2jBwKNCpD4PP5yONgw4EMoEEkc9WN8aKzDhn0iztEehsR3h0OApxA2h_He2Kjny9upCVBDsYZd7EkmsolqHu8asLexn7OaYxmk97wPG18TCYFmSpi7cbgAZ5TnXD7VGlMvbX8sAyPqbNXeurRDnSJnU1u2cvqeWI0sjEQ-aqX-N2m7SOvu8IMNuNWmsLjQMx92Bg4qQ8dLLQGamfXoXv0txujVZMMe_mYQjQtWq_wyuAA8EhuAfJOhgt90v2WeIS8YNjZLvyD6KFtNaThgJeFvAS1xqlgwCi8aomE_q2ITgklFoK3VNt-KrW8gShGItSr2kEMjibrCpFnyvJtDskvIn3IqhnhpHnqJgeVZartWjDfLt6qeXAO6BkDGqgDuEqKJrKQ3v9qPHvpNKW8pArRHSMp5HLjwcjvp1CI0ZWXGpDmAkSIyNWrVIr8YBHsLbffuvc1YNwa6Wb2blCyYvpRPobYLw8WL5k3k34gOG8jC7Pi3Ca1KKFGh5zG0EMLWuWxxeMCh2Z0IkGSlhRybchQxAy1QeYzMgJiNPUnBe68eXjxeebtN9uAMUqrSbNvn392vDOPb7t-vt9yUJPVru_AaTjUDH2UTNv2XWWqOqdIq8CgaK_0stTfpCsM5R0yuI_wFmpHz6c_PinpuwgQZXmMnfQxd1RlxSfHpmCh4RIRY3TK5WPusmb4q41mbWCrc73u_9OLDkwbUihPgM6oaRYxuGtjS7wegtB-8ZDr8ufZr5ceJyr36U2qJtHzlscjlCffPUpiikLehiHw9szcrDdMOIhntsfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 14:37:41	Name: __cf_bm Value: 8mmwx758wNokobONdiRuLYFICu_c72nn1MASSmQFmqA-1694259814-0-Aa0o6vPVYtBHreyvdwV2TJ4ytfzMv+aWjcURVxxgfoyj/brs9JDWT7ckDTqlqsYjKNQ6Q1t5h0lXz7mrOOHINt4=
.ukr.net/	1970-01-20 23:23:15	Name: news_lang Value: ua
.ukr.net/	1970-01-20 23:23:15	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 23:23:15	Name: snr Value: 9
.ukr.net/	1970-01-20 23:23:15	Name: scr Value: 9
.ukr.net/	1970-01-20 23:23:15	Name: sfr Value: 9
.ukr.net/	1970-01-20 23:23:15	Name: uid Value: Cj1tBGT8WmZ7gZCIBvgKAg==
.fwdcdn.com/	1970-01-20 14:37:41	Name: __cf_bm Value: 6O87cuchCxX9CYRy9okdOh3NPpgACnGxuDfa0FdbJfs-1694259814-0-AfqwUEOSsAqHtODednuD37h3mOvoO3IO4sVc3eUR2lHfqIECoVwsO9pUHl/XDqRWR5WREqtVLg69hrxgaUJxmF0=
www.ukr.net/	1970-01-20 21:22:39	Name: cbtYmKname Value: b52ebcfd903cd26d
.mgid.com/	1970-01-20 14:37:41	Name: __cf_bm Value: RArSDllefNAMXRI_VpJJ_MsNmILXdGdEsUQwYwHfcdU-1694259815-0-AVZnNdHACrQN32E9znfwOFU+Kc+2V99Ik4EGxVwfJMrPDNQr3vfQls2zfwtraAo/hGaQ2LUBlyXgxEg5Q78NylQ=
.ukr.net/	1970-01-20 23:23:15	Name: fuelId Value: 4
.ukr.net/	1970-01-20 23:23:15	Name: tracknew Value: 1694259815225920.1694259815.1
m.mixadvert.com/	1970-01-20 14:37:39	Name: 0ff1ff535552814b8c8336006fbd0109 Value: 444320
m.mixadvert.com/	1970-01-20 14:39:06	Name: 2530bc174f3c5b24ac76d22fa5fa21ac Value: 1
.go.rcvlink.com/	1970-01-21 00:13:39	Name: cache Value: tp7d7tLcvGj83Rw
loadercdn.net/	1970-01-21 00:13:39	Name: vui Value: 282bfdbd67af4d3ca7c3398b391b6333
.ukr.net/	1970-01-21 00:13:39	Name: _ga_75WQ2FHNW7 Value: GS1.1.1694259815.1.0.1694259815.60.0.0
.ukr.net/	1970-01-21 00:13:39	Name: _ga Value: GA1.1.1689813985.1694259815
.ukr.net/	1970-01-20 23:23:15	Name: pcity Value: 102950159
www.ukr.net/	1970-01-20 15:20:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ukr.net/	1970-01-20 23:23:15	Name: _pubcid Value: 3730e0b2-854a-43d1-aee4-8b2160d46e05
.criteo.com/	1970-01-20 23:59:15	Name: uid Value: dac456c3-668a-401b-8cae-ef5f5c622cd3
www.ukr.net/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1516465%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221694259815823%22%7D%7D
.ukr.net/	1970-01-20 23:59:15	Name: cto_bundle Value: K9SCV19oc0UwbDBQd09MeG1OSGp0Z2c2U0FEOG94d2xUVUJwOFZHd1IzRkF4Y1ZPbTdvQ0NVeEhRTkhLaWY0SVBpeXFxN3klMkJqcWNBR1I1TjFWQXBBTG5mNVpQQkhFWWhFMDY4eUg3dWdNYW1EVWhvcDFjVXFVYkRkd1oyaFpWMzlWNE54aCUyRm55OEhyZ0VieFBESXhyR0RnTm1nJTNEJTNE
a4p.adpartner.pro/	1970-01-20 16:04:03	Name: apuid Value: 171cc60a-81f3-47b9-a6c2-45798fbbc4c1
.doubleclick.net/	1970-01-20 23:59:15	Name: IDE Value: AHWqTUnJGZTZRkWYih68_RJvPGhVTLE_BA3tJAsBDt-M-dubonkH_DEAop6sSdfG
.adsinteractive.com/	1970-01-20 15:58:18	Name: uids Value: adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz
.adtelligent.com/	1970-01-20 16:06:56	Name: vmuid Value: 769d183167a8f7db
.adtelligent.com/	1970-01-20 16:06:56	Name: a307558 Value: 171cc60a-81f3-47b9-a6c2-45798fbbc4c1
.adnxs.com/	1970-01-20 16:47:15	Name: uuid2 Value: 7882163571203470735
.casalemedia.com/	1970-01-20 23:23:15	Name: CMID Value: ZPxaaLHa2vOzo0fBXXSk0wAA
.casalemedia.com/	1970-01-20 16:47:15	Name: CMPS Value: 1163
.casalemedia.com/	1970-01-20 16:47:15	Name: CMPRO Value: 1163
.adtelligent.com/	1970-01-20 16:06:56	Name: a750634 Value: adsint-9Xp389rLJs8m3l99VngyBjfDyQ0J3VetroQMmlQz
.ukr.net/	1970-01-20 23:59:15	Name: __gads Value: ID=48d39a8103c58522:T=1694259815:RT=1694259815:S=ALNI_MbPu6w4Jy3u1lZvYTzjhYDxIRy1EQ
.ukr.net/	1970-01-20 23:59:15	Name: __gpi Value: UID=00000c716af87501:T=1694259815:RT=1694259815:S=ALNI_MYqzfMONmJjHj3feQQgXmuEFqnZIw
.doubleclick.net/	1970-01-20 18:56:51	Name: APC Value: AfxxVi4P8MAdtlyTZ471OFSoqSP1fswVOgu-wgvx5ck_z16SOBEtXw
.adnxs.com/	1970-01-20 16:47:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?^ojQI3!]tbPl1M>e)ZlrFUfJ+tGXxoL9uVNgI*.dgFlh)9EW04nVDE-1OywXz.1)@-3If)y3KL9D3I?-+jNKAk
.trafmag.com/	1970-01-21 00:13:39	Name: vid Value: 5110148398806856
cookies.nextmillmedia.com/	1970-01-20 14:47:44	Name: NMUID Value: csuid_113803f4-43e0-4107-851e-0da32f825b6d
.doubleclick.net/	1970-01-20 14:37:43	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 16:47:15	Name: 8lcfmzhxc8d6_uid Value: 8559da93e09a4582
.awin1.com/	1970-01-20 14:47:44	Name: awpv11601 Value: 113440\|1694259817\|1d5aebc1-4f06-11ee-8c55-226543793aa5
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 00:13:39	Name: source Value: {"webgains_webgains":{"timestamp":1694259817762,"clickCookie":false}}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a4p.adpartner.pro
accounts.ukr.net
ads.pubmatic.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
bid.adsinteractive.com
c.mgid.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.mgid.com
cdn.track.production.webgains.team
cl.imghosts.com
cm.g.doubleclick.net
cm.mgid.com
cookies.nextmillmedia.com
counter.ukr.net
d5a18f50c6040f2051b749323000c8f7.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900011.redintelligence.net
ib.adnxs.com
id5-sync.com
jsc.mgid.com
lb.eu-1-id5-sync.com
loadercdn.net
m.mixadvert.com
mail.ukr.net
mug.criteo.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
pv.medialead.de
region1.analytics.google.com
s-img.mgid.com
s.zfctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
track.webgains.com
trafmag.com
ukr.net
upst.fwdcdn.com
www.awin1.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ukr.net
zakladki.ukr.net
104.18.39.155
104.18.8.128
104.18.9.128
104.64.118.247
13.42.176.194
136.243.84.74
138.201.64.38
141.95.98.64
142.250.185.162
142.250.185.194
144.76.238.55
145.239.193.130
147.135.189.55
157.245.23.44
162.19.138.82
172.217.18.6
178.250.7.13
18.244.140.106
185.187.81.41
185.239.172.77
193.200.65.2
193.200.65.5
2001:4860:4802:34::36
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
216.52.2.6
23.35.236.201
2606:4700:10::6816:3456
2606:4700:1::6813:824c
2606:4700:4400::ac40:9281
2606:4700::6810:3965
2606:4700::6812:409
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9a
2a02:2638:3::3
2a02:2638:3::c
2a06:8640:764::2
2a06:98c1:3120::3
2a0b:4d07:102::1
3.9.77.36
37.252.172.123
44.193.144.116
45.133.44.3
51.83.220.94
99.86.4.36
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03fcc753a36d82b0e68d1e1fa11d40448bdf09f7cbe900e27ac96177236ddd41
04a9c09ae0295e87591be8031ae5d4fd49e94cbb98087ee0af69e31fc84f81f8
04d5d597eae7e1e1628e8f181365c152f9b1e4416e6d17fe11618cb244de277d
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b915a7b09a8bb042359211c1aad5c43aeff5f2db8ca41a275c1faf18a99f790
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
1260d6a0055f2dc2d5378a8435cf2134787638d5b9c1d6782d7eb47e90a48b4f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513
1666783ed29ecf9932c2863454156963e4031f4d7792f34404ca861f0cbff5df
185b0192e3d43cc1cb4aa0cda4fc5d4e5af55d3479c46523fc544f2df1249496
18c28a5b8beaf3052e8ad420d0f15583c7d304287be200ce3e4226e219410fc7
18d4d854d5540cf7e90d983b0b00fd057b686697c733bba10268514ff69ff1f3
190bc627672de3cc9785502d0cb4a9a40d586bfc850ef8907722296bbc9a918b
1b37506b4565f0b91a0e424b8429599b241213ccf7fb24ec10bec71c81696740
1d51593008d1bbefec973002d46cf2545a1f84352f2bef5be2b387e40e6b6bec
1f640f8ef9ea1ae46e0e8c5c0c538695161cd3a637e834af9c4d1fdbe6695463
1f95a76537ed91d278b48721335e8db24dce2c824056fc2d0abf72cb98829cd7
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
22d53efb5994cac7c53e25f744c03c8e1812cd185eadfcf3511f3b4f9975b488
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec1db4c300affbd4cb0847de5dc409dc0a4571fc6e67c33ac23904cbd2c51c9
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
30f1805ffcb12a0eef03832a0fbdae2021ec28588c62e1df4ca8db6874d6423f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
359acae6e3cddd8463e2e471ce857462d4ca63c037c17b84d136c2e35062e57c
35d7ff6c7074eae01ba5064f83e28614b64f6b43a6235263328818239fb8db2c
36c580bfb0456b22c52f9c17e44953c1d9c0c075b8966b270b45791e6c9063e6
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3b207f0782387faa4ad5ad7c0e642f22d40cc3a3e7803c99b50ad110a696bff2
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3de524d38c4f4d3745561cb1c323762a33094df309be6c9a7bcca89b85b490c1
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
4343fb98085f3525368b8c2841c6c1e0e60e7947a37b686481bea24d5ba39918
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
49f1e50f17173f3937deb0247ac84211f566e90a540cf747ac4e9bb582f6417e
4b099485a49362be50208d96bd900ecbaf09152a4ff1e6dece8a8034da85adf9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5c05e74233d57a2718e565e16e36bea16237c81ac3f49214ffe8f8550166a2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5225ce09d08da708616eff1899dff0adb0ae86e790186ce9d053fe32fddfef45
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
596b6da03de77e96d5c68699a98fc3ca288a7e8e2f187bb348c6efd01107702b
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5b0e2f22457f534e4ba8ccba40ba6446783b910260d30cf7e867348f3f1e9d89
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
5da943a0ceb61a655d4542585fb17100fe353b4694089debae1ac7b9f3059b92
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
661b9181598efd849b90636204935e0548653d01ad6e4310302717ca608f787b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e86d3b6c6ae23697dbd93ea325bd93e34258532573a91bb5620042e275e9272
6e95fb8bfee158f6f8ac0d62fe38f969d46d351cd4a31e7a3b6248cdbf485f00
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6ec9696d94312cc2fb79d20e6f310d4f0a9b14cb628d796122cce7bb6ba1270e
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
7085aa1e46dd114305acb8b3a6ad8a28cfc395545ae78113fc5ecf3c55d92221
7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60
70ba49d5509b7e980ba4bb0fee7d967c20b0e938fabd654e7c5d0052fb470fd8
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72c4a799e685190865d4a84faeb1fec2729ba57f48807a964fe2806f50f7572d
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a5fa28b473a1d228f1c0d0f051318a0967434cd44511e049e1fbf3c85dc19b7
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
7e06e0cb7ac3ffdf0124eea163c7b32860f7ba7c91369af7b7d35dd38b133513
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
85c3c534be1d9159d3e152265039bdb80c52acb8c8b897a466fb1aa726ad779e
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
86d60c1b50168b0de90f2f2054e742ca0c494e05e5c60a17abd87bae299ea513
874c08791cabfd2f2c2a2d0476213d931de92aa00518cc31cd05e033cb5dfb06
8a43476162727606920013e3e64f4edf045396bfaa8b714f02936b0c8c91fd44
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8c425c1e42606ddef74cdcb2672f323e085299f158e84edc2bebfae57379a1df
92c7261fb8e96c85b2e3cd0bc6be6ea0345a53ff4a9c18ac6a79e52319230831
963bee1c4f8ed3fdaebd53c027a2c4baace86fcc49a2bdd2d1c9cc46b0f59ee1
963c40d64c03573de6315917f75e265979c387e9385dea5da8ee70dd591dfaea
971537a5b64c30bce47da8cdf694f1ee4a12d10c4e77f4e15412aa493e3849e7
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9a3464ecda7c0abe7f5e70a350fc3ba798ce89bdd8022e5caf49f385b4f79583
9adfd6f134bc748486c8068d11b0bdf429be8fd17c936d61f01ce7e920b34a0b
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2
a36d42910c93a7fc26f5f534d5d2ed82c95d134c31dba91fb9efb4fc2c9fd1de
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6ad01153b80f37386fb6bbc1bb1e8c7930cc269ffd2fd38f65ed8b078547036
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a81b69514fb90d12f9d4fc663994a08cf8a891b37a4b7e28177e4b171cdea53c
a858cb09723dac629c6029452e05e81ad6e4dce1a7b559ffd83946739223dc81
a92124fc5fced296562c3a42f44ccd6aae661b8737bb398461b591a5783b892c
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaeb2ab4dc8337bff5640b3ade41801dc695161233d54136b02631c83ae8554e
abed2a3b92aad1b741fd57156b591e0ab808f86cb8e44e0a28cb18b3ce6679ce
ac039de7e2446e87ae20f3edd44c8a514b778cc9bab406c3fa860bb3856dd613
acf21a1ab2aca71be0848bd9175b37e5f87aca29677db1e8ee52017ea5891a9d
aedb75fe293a072ae352d27cef42b8c4c0b6c9f8d4710bad966b84d93154ae7b
b05f0dc3604d64ab1ea8de3a19d4fab3bf24d7ac1beee3793e14e20d34392052
b0a34d2179ffd44e649c1083e9bc28d795a410c65305b5e0ed861aa2db91bd53
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3e57ccb04d9d982dfa4616e64af16819f09e8bb53f468f898f093dac578eb2e
c722d43155880ad69d2c7d6d7e603b15cecb2f1a7a3a1687cf11fdce7f869b9b
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cd56b986ecd2094feb3631782f64aef552aa0977019f9f5f08954bef1e1c7743
d68ad167aa552236db3e2401b81072a7481226035676f8314870e5d597eb0e1c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d780fe7833d22f09c53c18cec8db2fe7abffd2dc9fe6a239dd586c895a12f538
d7a04328a1a3773cfa746d7cbe089bb2780bf1ea2eac904763236a3cd3a599f7
d7d5d002987ce7caa6e3cfecb009659a30dedeb6fd6e3079c68474b880800567
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
da39be4ccf0e65d7d736a37e5eafa88ea81ca31b4563dcd1f5b728934e9fb6a9
de6f07141f9284fb43cdc61e9a971063f012530bfe00704755ac0f3c2dcdbe6d
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd0dc092ee55d5abc5d746309352bafd6f4181056685a4bf9420dc0ff98ddd
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e72541f6a097b58b832656edae794e4abca2dad5b3a948ccfa8f68df4e4f6921
e7b126218c91abc68da3f981744db0656f7251004d59e3cc8fd98fe14bb58eae
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
ec000eb1b53a24d5f24af2685bf1ad2e725ec3da5290990cbf12d4b5cdc55307
ee5faab93f5af0d996c4a0c641a98397e145d74adc601c5c8cd896a8aea6693a
eef1cb772e2a7f1e5cc09e689657f248158ca19488b044bdfd7096c0485e86dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f952b93d4e671cc9913d909a61fa8565ff313063a4124765550a1324854b7c55
f9a803ccbe33f8d1c9a7e566e63f968af2ed499fcbe977d1d0df2bfa16c53f2d
fd3d8a22c9a624b5709996628712d223738d623d073d16a7a9464ca0e6d183ce
fefa7db3e097a36df3d497fb1bdd4aa5e5e5bd68f94886751725cba56cb67000
ff70de3336681e83ab80e58d5ee605e1677aab7dba225f1c5840979bc74a8a34

www.ukr.net Open in urlscan Pro 104.18.8.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

253 Requests

93 %HTTPS

43 %IPv6

41 Domains

67 Subdomains

58 IPs

10 Countries

6357 kBTransfer

11275 kBSize

45 Cookies

306 Outgoing links

Page URL History

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

93 %
HTTPS

43 %
IPv6

41
Domains

67
Subdomains

58
IPs

10
Countries

6357 kB
Transfer

11275 kB
Size

45
Cookies

253 HTTP transactions
8 data transactions