dynamo.kiev.ua Open in urlscan Pro
195.206.238.20 Public Scan

URL:
http://dynamo.kiev.ua/
Submission: On August 19 via manual (August 19th 2021, 4:31:37 pm UTC) from NL

Summary HTTP 473 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 63 domains to perform 473 HTTP transactions. The main IP is 195.206.238.20, located in Ukraine and belongs to UKRTELNET, UA. The main domain is dynamo.kiev.ua.

This is the only time dynamo.kiev.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
107	195.206.238.20 195.206.238.20	6849 (UKRTELNET) (UKRTELNET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.206.238.150 195.206.238.150	6849 (UKRTELNET) (UKRTELNET)
6	195.206.238.120 195.206.238.120	6849 (UKRTELNET) (UKRTELNET)
1	31.28.167.67 31.28.167.67	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	84.16.240.93 84.16.240.93	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 45	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 15	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 3	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1 13	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
32 64	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
8 8	52.59.115.28 52.59.115.28	16509 (AMAZON-02) (AMAZON-02)
3 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2	52.213.253.90 52.213.253.90	16509 (AMAZON-02) (AMAZON-02)
2 2	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 1	188.34.190.35 188.34.190.35	24940 (HETZNER-AS) (HETZNER-AS)
1 1	18.197.2.221 18.197.2.221	16509 (AMAZON-02) (AMAZON-02)
44	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
39	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
10	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2 2	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
3	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a05:d018:24:... 2a05:d018:24:b001:6cd5:9d52:6dd6:6c58	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 11	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
2 4	34.247.122.211 34.247.122.211	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.125.59 18.194.125.59	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:f600:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
473	67

107 195.206.238.20 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: trono.magnet.kiev.ua

dynamo.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.206.238.150 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: mobus.magnet.kiev.ua

gagadget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.206.238.120 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: orto.magnet.kiev.ua

video2.magnet.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.28.167.67 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

ua-content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.16.240.93 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

cdn.trafficdok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.trafficdok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 146.0.227.110 (Ascension Island) 4 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.26 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 142.250.186.98 (United States) 32 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.59.115.28 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.253.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-90.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.37 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.190.35 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.35.190.34.188.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.2.221 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-2-221.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.122 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b001:6cd5:9d52:6dd6:6c58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.111.239.217 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.247.122.211 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.125.59 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-125-59.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.190 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:f600:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
107	dynamo.kiev.ua dynamo.kiev.ua	2 MB
95	doubleclick.net 40 redirects stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	266 KB
75	googlesyndication.com pagead2.googlesyndication.com 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	858 KB
54	admixer.net 4 redirects cdn.admixer.net inv-nets.admixer.net	217 KB
39	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	900 KB
15	creativecdn.com 1 redirects prebid-eu.creativecdn.com creativecdn.com	3 KB
15	google.com 1 redirects www.google.com adservice.google.com	4 KB
12	redintelligence.net 1 redirects hal9000.redintelligence.net hal90002.redintelligence.net hal90006.redintelligence.net	42 KB
11	googletagservices.com www.googletagservices.com	360 KB
10	awin1.com 4 redirects www.awin1.com	7 KB
10	2mdn.net s0.2mdn.net	210 KB
8	bidswitch.net 8 redirects x.bidswitch.net	3 KB
7	mathtag.com 3 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	5 KB
6	tradetracker.net 2 redirects ti.tradetracker.net static.tradetracker.net	18 KB
6	turn.com 3 redirects ad.turn.com r.turn.com	3 KB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	12 KB
6	magnet.kiev.ua video2.magnet.kiev.ua	77 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
5	google.de www.google.de adservice.google.de	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	4 KB
4	openx.net 3 redirects rtb.openx.net us-u.openx.net	1 KB
4	googleadservices.com partner.googleadservices.com	1 KB
4	adform.net 3 redirects adx.adform.net c1.adform.net	2 KB
4	trafmag.com m.trafmag.com	1 KB
3	congstar.de banner.congstar.de	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	travelaudience.com 3 redirects ads.travelaudience.com	1 KB
3	betweendigital.com 3 redirects ads.betweendigital.com	2 KB
3	tns-ua.com 1 redirects pa.tns-ua.com	642 B
3	trafficdok.com cdn.trafficdok.com z.cdn.trafficdok.com	3 KB
3	adriver.ru 2 redirects ua-content.adriver.ru ad.adriver.ru	6 KB
2	contentspread.net cdn.contentspread.net	25 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	simpli.fi 2 redirects um.simpli.fi	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	teads.tv sync.teads.tv	344 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	978 B
2	rfihub.com 1 redirects p.rfihub.com a.rfihub.com	2 KB
2	smartadserver.com 2 redirects ssbsync.smartadserver.com	763 B
2	advertising.com 2 redirects pixel.advertising.com	937 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	798 B
2	ismatlab.com ismatlab.com	297 B
2	facebook.net connect.facebook.net	70 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googleusercontent.com themes.googleusercontent.com	473 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	93 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	blismedia.com tr.blismedia.com	136 B
1	zenaps.com www.zenaps.com	705 B
1	quantserve.com cms.quantserve.com	463 B
1	tidaltv.com sync.tidaltv.com	217 B
1	google.nl adservice.google.nl	853 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	313 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	facebook.com www.facebook.com
1	google-analytics.com www.google-analytics.com	71 B
1	bigmir.net c.bigmir.net	731 B
1	googletagmanager.com www.googletagmanager.com	50 KB
1	gagadget.com gagadget.com	2 KB
1	unpkg.com unpkg.com	2 KB
0	netmng.com Failed google2waycm.netmng.com Failed
473	63

	Domain	Requested by
107	dynamo.kiev.ua	dynamo.kiev.ua
66	cm.g.doubleclick.net	33 redirects googleads.g.doubleclick.net dynamo.kiev.ua 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
45	inv-nets.admixer.net	4 redirects cdn.admixer.net dynamo.kiev.ua
44	pagead2.googlesyndication.com	cdn.admixer.net pagead2.googlesyndication.com googleads.g.doubleclick.net 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com dynamo.kiev.ua
27	tpc.googlesyndication.com	googleads.g.doubleclick.net 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
18	assets.ad4m.at	as.ad4m.at
15	ad4m.at	googleads.g.doubleclick.net ad4m.at
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com dynamo.kiev.ua
12	prebid-eu.creativecdn.com	cdn.admixer.net
11	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
10	www.awin1.com	4 redirects as.ad4m.at
10	s0.2mdn.net	googleads.g.doubleclick.net dynamo.kiev.ua s0.2mdn.net
10	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
9	cdn.admixer.net	dynamo.kiev.ua cdn.admixer.net
8	x.bidswitch.net	8 redirects
7	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net
6	ad.doubleclick.net	6 redirects
6	as.ad4m.at	ad4m.at as.ad4m.at
6	video2.magnet.kiev.ua	dynamo.kiev.ua
5	hal90002.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90002.redintelligence.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	ti.tradetracker.net	2 redirects dynamo.kiev.ua hal90006.redintelligence.net
4	hal9000.redintelligence.net	dynamo.kiev.ua 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com hal90006.redintelligence.net
4	adservice.google.de	pagead2.googlesyndication.com
4	partner.googleadservices.com	pagead2.googlesyndication.com
4	m.trafmag.com	dynamo.kiev.ua
3	hal90006.redintelligence.net	hal9000.redintelligence.net hal90006.redintelligence.net
3	banner.congstar.de	as.ad4m.at
3	sync.mathtag.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	static-de.ad4mat.net	ad4m.at
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	ups.analytics.yahoo.com	3 redirects
3	ads.travelaudience.com	3 redirects
3	r.turn.com	googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	creativecdn.com	1 redirects dynamo.kiev.ua cdn.admixer.net
3	ads.betweendigital.com	3 redirects
3	pa.tns-ua.com	1 redirects dynamo.kiev.ua
2	cdn.contentspread.net	hal90002.redintelligence.net
2	static.tradetracker.net	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com hal90006.redintelligence.net
2	fonts.gstatic.com	fonts.googleapis.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	um.simpli.fi	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	dynamo.kiev.ua
2	pixel-sync.sitescout.com	2 redirects
2	ssbsync.smartadserver.com	2 redirects
2	pixel.advertising.com	2 redirects
2	rtb.openx.net	2 redirects
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	adx.adform.net	1 redirects dynamo.kiev.ua
2	ad.adriver.ru	2 redirects
2	ismatlab.com	dynamo.kiev.ua
2	connect.facebook.net	dynamo.kiev.ua connect.facebook.net
2	stats.g.doubleclick.net	1 redirects dynamo.kiev.ua
2	counter.yadro.ru	1 redirects dynamo.kiev.ua
2	z.cdn.trafficdok.com	cdn.trafficdok.com
2	themes.googleusercontent.com	dynamo.kiev.ua
1	ade.googlesyndication.com
1	fonts.googleapis.com	hal90006.redintelligence.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
1	s.tribalfusion.com	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	www.zenaps.com	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
1	cms.quantserve.com	12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
1	sync.tidaltv.com	googleads.g.doubleclick.net
1	a.rfihub.com	dynamo.kiev.ua
1	p.rfihub.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	adservice.google.nl	securepubads.g.doubleclick.net
1	sonata-notifications.taptapnetworks.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	www.facebook.com	connect.facebook.net
1	www.google.de	dynamo.kiev.ua
1	www.google-analytics.com	www.googletagmanager.com
1	c.bigmir.net	dynamo.kiev.ua
1	www.googletagmanager.com	dynamo.kiev.ua
1	cdn.trafficdok.com	dynamo.kiev.ua
1	ua-content.adriver.ru	dynamo.kiev.ua
1	gagadget.com	dynamo.kiev.ua
1	unpkg.com	dynamo.kiev.ua
1	ajax.googleapis.com	dynamo.kiev.ua
0	google2waycm.netmng.com Failed	googleads.g.doubleclick.net
473	93

This site contains links to these domains. Also see Links.

Domain
goalapi.com
magnet.kiev.ua
wc2014.dynamo.kiev.ua
ringside24.com
twitter.com
www.facebook.com
vk.com
flipboard.com
telegram.me
www.bigmir.net
www.liveinternet.ru
orphus.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
gagadget.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
dynamo.kiev.ua R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
video2.magnet.kiev.ua R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.cdn.trafficdok.com Go Daddy Secure Certificate Authority - G2	`2021-03-10` - `2022-04-11`	a year	crt.sh
c.bigmir.net R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
ismatlab.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-11` - `2022-05-11`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-06-04`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.tradetracker.net Amazon	`2020-12-20` - `2022-01-18`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh

This page contains 46 frames:

Primary Page: http://dynamo.kiev.ua/
Frame ID: 211EFC5D2AF108D71F2B20241AEFA107
Requests: 217 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 787474943C9369D66D5A00783DF7CB26
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1DA310BC7A1CA86046A84F8DC0BF0C67
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3353D748E48428659F99E01F3143B3C2
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4399C03EEE461D82C59DCC66A482E438
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AF352D7C4153322F9140BB3F8BEDDEB9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
Frame ID: C8DA0D6D305ACA8DF484A1E10BC17A2A
Requests: 8 HTTP requests in this frame

Frame: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E635918BA9F21A0B2754B9A8E895145
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
Frame ID: 11846912D8DBD9E1DBFC21F313904466
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478
Frame ID: 62BE0C6EA54391223E5728C62E027EAB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
Frame ID: 36A012CBFB5E41BF900605CBA067D5D6
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
Frame ID: 3BC07DA41AC89C6B317BB25847F2A9B2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADB428EF7729FA68174900E7AF68B487
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
Frame ID: 66A909FAE15DF38D38B6B21415E6A9A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B36DFA9B0637C0B101423BF1214113FC
Requests: 9 HTTP requests in this frame

Frame: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7CBE272866CD8767F00583BAC993A64F
Requests: 15 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
Frame ID: 1E5B2768E3D78697016214C7B5AF6677
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4DC983B2D99C6D1C533BF1EFE4A0CE65
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ
Frame ID: EBD82CEC8EC0C7A4AEEBB7B8957B8996
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 07A90C95C59518725F535373FC51D467
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2C79892EA30125138D3A5D0AAA3104DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 080958FA22CFD9611088F6464A80323F
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E99B5958E84797CD76B30BEA51351E48
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
Frame ID: 56C285C5FAF7C0254BC8224C07ABC8C2
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B9210D34BEAAA8FE499D04E4FF8D819
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7722BA61346DBDE92B57F6C642C83C10
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F077BDE810DDED167ECF5487F2C1852
Requests: 1 HTTP requests in this frame

Frame: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7ED5A08F9B371ABAEABEA32DB0BDF210
Requests: 15 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Frame ID: BF0A834D417F16BB2A5307CD834EC32F
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Frame ID: 51099DBA206B447A2ECAAD35BDFE746E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FEAE3FEB5E15D5A107D11A4B282F26C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B1ABBC1FD254403C3A89C53D3EEE960
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Frame ID: 9C85A2AA2C46358794E253BD2F674F89
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 955358F84A78880F30F5F9E4ED253C5C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 439ADEAB25796B855DF8DA3EFF61908B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w
Frame ID: 830013D839D45E480FF2EB3C6381413D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 6A01054B180F38ACFC390F88F4ABDD08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A463DBE1DC272D2DB848008E40D36813
Requests: 3 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Frame ID: 11C70ED2F78ECC16CD2FB0B050C83C30
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2A391F4DC459CEB8A22AE47482984F9
Requests: 9 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Frame ID: A6A7E0F892FD58A03AF7A0D4AE4D52E0
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96B9E3058B9E64AB1FC6DD7674CC93A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F81D760DC85F5937226B079EF13668F9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0ACCAED6DFCA084ED5E08805460B12D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4DC3A8192DEC87F1406BE8F328E5120A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B41DE460D93D3C74D1C4FB5C275D1288
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Динамо Киев от Шурика - все о футболе Украины и мира

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:adriver\.core\.\d\.js|https?:\/\/(?:content|ad|masterh\d)\.adriver\.ru\/)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

473
Requests

89 %
HTTPS

40 %
IPv6

63
Domains

93
Subdomains

67
IPs

12
Countries

6233 kB
Transfer

10909 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://goalapi.com/
Title: Результаты предоставлены GoalAPI.com

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/advertising/dynamo/
Title: Реклама на сайте

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/rules/
Title: Пользовательское соглашение

Search URL Search Domain Scan URL

URL: https://wc2014.dynamo.kiev.ua/
Title: ЧМ-2014

Search URL Search Domain Scan URL

URL: https://ringside24.com/ru/news/
Title: Новости бокса

Search URL Search Domain Scan URL

URL: https://ringside24.com/ru/mma/
Title: Новости ММА

Search URL Search Domain Scan URL

URL: https://twitter.com/dynamo_kiev_ua
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dynamo.kiev.ua
Title: Facebook

Search URL Search Domain Scan URL

URL: http://vk.com/fc_dynamokiev
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://flipboard.com/@dynamokievua/dynamo.kiev.ua---%D0%B2%D1%81%D1%91-%D0%BE-%D0%BA%D0%B8%D0%B5%D0%B2%D1%81%D0%BA%D0%BE%D0%BC-%C2%AB%D0%B4%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%C2%BB-%D0%B8-%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%BE%D0%B9-%D1%83%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B-kdkdhblcy
Title: Флипборд

Search URL Search Domain Scan URL

URL: https://telegram.me/dynamo_kiev_ua
Title: Телеграмм

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/?cl=5613
Title:

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://orphus.ru/

Search URL Search Domain Scan URL

URL: http://magnet.kiev.ua/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://dynamo.kiev.ua/static/img/ajax-loader.gif HTTP 307
https://dynamo.kiev.ua/static/img/ajax-loader.gif

Request Chain 26

http://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg

Request Chain 27

http://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg

Request Chain 28

http://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg

Request Chain 29

http://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg

Request Chain 30

http://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg

Request Chain 31

http://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg

Request Chain 32

http://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg

Request Chain 33

http://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg

Request Chain 34

http://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg

Request Chain 41

http://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg

Request Chain 42

http://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg

Request Chain 43

http://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg

Request Chain 44

http://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg

Request Chain 45

http://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

Request Chain 46

http://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

Request Chain 47

http://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

Request Chain 48

http://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

Request Chain 49

http://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

Request Chain 50

http://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg

Request Chain 51

http://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg

Request Chain 52

http://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg

Request Chain 53

http://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg

Request Chain 54

http://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg

Request Chain 55

http://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg

Request Chain 56

http://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

Request Chain 57

http://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

Request Chain 58

http://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

Request Chain 59

http://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

Request Chain 60

http://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

Request Chain 61

http://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg HTTP 307
https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

Request Chain 69

http://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

Request Chain 70

http://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

Request Chain 71

http://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

Request Chain 72

http://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg HTTP 307
https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

Request Chain 73

http://dynamo.kiev.ua/static/img/orphus.gif HTTP 307
https://dynamo.kiev.ua/static/img/orphus.gif

Request Chain 82

http://dynamo.kiev.ua/static/img/ok-label.jpg HTTP 307
https://dynamo.kiev.ua/static/img/ok-label.jpg

Request Chain 83

http://dynamo.kiev.ua/static/img/fail-label.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fail-label.jpg

Request Chain 85

http://dynamo.kiev.ua/static/js/post.safe.delete.js HTTP 307
https://dynamo.kiev.ua/static/js/post.safe.delete.js

Request Chain 86

http://dynamo.kiev.ua/static/js/jquery.spandata.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.spandata.js

Request Chain 87

http://dynamo.kiev.ua/static/js/login.js?v4 HTTP 307
https://dynamo.kiev.ua/static/js/login.js?v4

Request Chain 88

http://dynamo.kiev.ua/static/js/hover.js HTTP 307
https://dynamo.kiev.ua/static/js/hover.js

Request Chain 89

http://dynamo.kiev.ua/static/js/jquery.cookie.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.cookie.js

Request Chain 90

http://dynamo.kiev.ua/static/js/money.js?v21 HTTP 307
https://dynamo.kiev.ua/static/js/money.js?v21

Request Chain 91

http://dynamo.kiev.ua/static/js/subscriptions.js HTTP 307
https://dynamo.kiev.ua/static/js/subscriptions.js

Request Chain 92

http://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js HTTP 307
https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

Request Chain 93

http://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

Request Chain 94

http://dynamo.kiev.ua/static/js/fanzone.js?v8 HTTP 307
https://dynamo.kiev.ua/static/js/fanzone.js?v8

Request Chain 95

http://dynamo.kiev.ua/static/js/prebid2.41.0.js HTTP 307
https://dynamo.kiev.ua/static/js/prebid2.41.0.js

Request Chain 96

http://dynamo.kiev.ua/static/js/prebid-units.js HTTP 307
https://dynamo.kiev.ua/static/js/prebid-units.js

Request Chain 97

http://dynamo.kiev.ua/static/js/blog-list.js HTTP 307
https://dynamo.kiev.ua/static/js/blog-list.js

Request Chain 98

http://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7 HTTP 307
https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

Request Chain 99

http://dynamo.kiev.ua/static/js/tv-index.js?v5 HTTP 307
https://dynamo.kiev.ua/static/js/tv-index.js?v5

Request Chain 100

http://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5 HTTP 307
https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

Request Chain 101

http://dynamo.kiev.ua/static/js/social_lightbox.js?v2 HTTP 307
https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

Request Chain 102

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

Request Chain 103

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js HTTP 307
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

Request Chain 104

http://dynamo.kiev.ua/static/img/fan-banner_1.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

Request Chain 105

http://dynamo.kiev.ua/static/img/fan-banner_2.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

Request Chain 106

http://dynamo.kiev.ua/static/img/fan-banner_3.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

Request Chain 107

http://dynamo.kiev.ua/static/img/fan-banner_4.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

Request Chain 108

http://dynamo.kiev.ua/static/img/fan-banner_5.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

Request Chain 109

http://dynamo.kiev.ua/static/img/fan-banner_6.jpg HTTP 307
https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

Request Chain 110

http://dynamo.kiev.ua/static/img/purse.png HTTP 307
https://dynamo.kiev.ua/static/img/purse.png

Request Chain 117

http://dynamo.kiev.ua/static/img/bg-post-comments-small.png HTTP 307
https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

Request Chain 121

http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png HTTP 307
https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

Request Chain 124

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048 HTTP 302
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048

Request Chain 125

http://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg HTTP 307
https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

Request Chain 126

http://dynamo.kiev.ua/static/holding/footer2/img/logo.png HTTP 307
https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

Request Chain 127

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 128

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 134

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=952558201&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&utmhid=976597661&utmr=-&utmp=%2F&utmht=1629390675150&utmac=UA-2421725-22&utmcc=__utma%3D28515881.1840762763.1629390675.1629390675.1629390675.1%3B%2B__utmz%3D28515881.1629390675.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1766138724&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=952558201&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&utmhid=976597661&utmr=-&utmp=%2F&utmht=1629390675150&utmac=UA-2421725-22&utmcc=__utma%3D28515881.1840762763.1629390675.1629390675.1629390675.1%3B%2B__utmz%3D28515881.1629390675.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1766138724&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201&slf_rd=1&random=1026338664

Request Chain 142

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0DFC4821C44416DB39B4F5E9D949DB0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESELmDtJk_khfp6E-IgFbpXbQ&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa

Request Chain 144

https://x.bidswitch.net/sync?ssp=admixer&user_id=a533dde650034ddf9f322c95df1db6aa&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=a533dde650034ddf9f322c95df1db6aa&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=8524b107-05d2-52e7-ac20-ddfecd3e5aad&ssp=admixer&expires=30&user_group=1 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Request Chain 145

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 147

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4903570474 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ATNWAVkOrybKpNfijZR1_fg

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTUzM2RkZTY1MDAzNGRkZjlmMzIyYzk1ZGYxZGI2YWE=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa

Request Chain 150

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8524b107-05d2-52e7-ac20-ddfecd3e5aad

Request Chain 161

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTRiNTYzNDhkOTUxNDYzOGJjM2Q4Mzc4ZGZkY2QwN2M=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTRiNTYzNDhkOTUxNDYzOGJjM2Q4Mzc4ZGZkY2QwN2M&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=e4b56348d9514638bc3d8378dfdcd07c&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=4c62d62c-81e5-4692-a889-0f443bfe2a9c HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=4c62d62c-81e5-4692-a889-0f443bfe2a9c HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Request Chain 173

https://x.bidswitch.net/sync?ssp=admixer&user_id=e4b56348d9514638bc3d8378dfdcd07c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_068e7443-df2c-4ab3-8c12-7564b5c21faf&bsw_param=4c62d62c-81e5-4692-a889-0f443bfe2a9c&expires=10 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Request Chain 248

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPLSgbYahz3kDF1ymbqhPCMTJ4Y8YLd0YS3-fuMQuLz3D6TIhAdNaEC2jGBRxHhV9banmTDV24Jna0j66nzveqsnnC6Amg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

Request Chain 249

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPIRQEU4rwiwNop9MvAg5BLl0CjvkYXXKe1I8eVfuARa7V-7Zhjpw6AZNXDUbdp9TU0AjUgydNOyJGYDCCTpbBQEKfKuhv4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_push=AYg5qPIRQEU4rwiwNop9MvAg5BLl0CjvkYXXKe1I8eVfuARa7V-7Zhjpw6AZNXDUbdp9TU0AjUgydNOyJGYDCCTpbBQEKfKuhv4

Request Chain 250

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rwdKF1ez7ysFQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rwdKF1ez7ysFQ

Request Chain 251

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE3CbEWjaPpUXD0A5gEh3wo&google_cver=1&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA==&google_tc=

Request Chain 252

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGEmwRGLpwiWLQlOJffSrSM&google_cver=1&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw3_6DsmcRgiQxpJDmpSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw3_6DsmcRgiQxpJDmpSE

Request Chain 253

https://rtb.openx.net/sync/dds?google_gid=CAESENHKoPT5V8ncub50kW58CLc&google_cver=1&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENHKoPT5V8ncub50kW58CLc&google_cver=1&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&google_hm=p4dAZgLpxbQI1Ts83crObg==

Request Chain 254

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8 HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8&apid=UPe0504384-010a-11ec-910f-06710edf12dc HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8&apid=UPe0504384-010a-11ec-910f-06710edf12dc&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlMDUwNDM4NC0wMTBhLTExZWMtOTEwZi0wNjcxMGVkZjEyZGM%3D&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8

Request Chain 278

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPLfQwqBYr7Ni9cfiytyzBe3WzHl2hktbdzjIYVmP0lrRJkf8VRvWPK_M4Iz_btNsZm74KgUiDlk-Ut2cUCe8OT9YTJ53uc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

Request Chain 279

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPLS6RWJcvxr6--BnlepbyX89gsdgYH_kGq4itWdwf3qBb9pS2hgDyVz6UKMkQLK-6TPNMaO6V48ZqO-mUD3DEJsXMV_-as HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVI2SFZBQURvaEtpNGdCZw==&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPLS6RWJcvxr6--BnlepbyX89gsdgYH_kGq4itWdwf3qBb9pS2hgDyVz6UKMkQLK-6TPNMaO6V48ZqO-mUD3DEJsXMV_-as

Request Chain 280

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdmxItgf9h9Nw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdmxItgf9h9Nw

Request Chain 282

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ

Request Chain 283

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPqDHbuR1vW0U3TxgNynvt0&google_cver=1&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQfcgbn-hFXEsIa0ugMyaV8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQfcgbn-hFXEsIa0ugMyaV8c&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1

Request Chain 316

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGfqW_B9I-JGQCR6kCKZjA&google_cver=1

Request Chain 318

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI3MDI1ODk1OTcyNzU2NDk0MQ%3D%3D

Request Chain 319

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPI4MGUho2e2anghixrHQpD7r5HNoUEjvZy2tXDybvSk30OoDJyWm6v3FC4kyCoQumDQ0g-as9luoxDysDI_xxyrqVJwrIo1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

Request Chain 320

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEOG-IKvt2c-4jaFWU7cuS9w&google_cver=1&google_push=AYg5qPI8u2scAn_UOMoIDOJsamSfFrKC8w0gnh27zOYhkLL563E8UkiT_T3BoFAUGAbGfVfILNZ_ksh0jCvSJRwwW6uxscUh9I0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI8u2scAn_UOMoIDOJsamSfFrKC8w0gnh27zOYhkLL563E8UkiT_T3BoFAUGAbGfVfILNZ_ksh0jCvSJRwwW6uxscUh9I0&google_hm=NDY4MDMyOTc0MDIyNjUyODky HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 321

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGLvVuQuec5HKfibJPecjPE&google_cver=1&google_push=AYg5qPLGbUNsqWYXpNw5s2Osy3CWzycCQNp2J1tPRM1BUSIv1FZS3wjhUyrFiwhU3u4M2Xlg8rG0TslRXnn9P1Kk1bOW_20l4G4y HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEGLvVuQuec5HKfibJPecjPE&google_cver=1&google_push=AYg5qPLGbUNsqWYXpNw5s2Osy3CWzycCQNp2J1tPRM1BUSIv1FZS3wjhUyrFiwhU3u4M2Xlg8rG0TslRXnn9P1Kk1bOW_20l4G4y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=v61guwhkTFGCH4WCTYq34mEeh1U

Request Chain 323

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY2K0uMYMQHds HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY2K0uMYMQHds

Request Chain 324

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB-

Request Chain 325

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMXb-9PTW8G_3j-_zvJejiY&google_cver=1&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhVg2BiZTozzAsXJ5ZM7Wxt7xOBflbd6PKBRsbGS_3LquQIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySXRPXzFGRTJ1RkR2dVFESUFURHk5d3hiWDJHU2VmTH5B&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhVg2BiZTozzAsXJ5ZM7Wxt7xOBflbd6PKBRsbGS_3LquQIw

Request Chain 337

https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4144222282843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4144222282843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 339

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLjCZrRuBzS8Oir HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLjCZrRuBzS8Oir

Request Chain 381

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COa1pqTBvfICFf_auwgdBlQIOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fa17f0-010a-11ec-a5ea-692d04ef6a29

Request Chain 392

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNi6pqTBvfICFVAr4AodyFAKSA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fc88f0-010a-11ec-9723-692d00a25ac2

Request Chain 402

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLe5pqTBvfICFWHHuwgdfHUJbA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fb9e90-010a-11ec-9723-692d00a25ac2

Request Chain 409

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKEz1ZuvyMz7XHw4iONguVo&google_cver=1

Request Chain 410

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRiZTE5OTAtNjIxOC0yMjNlLWZiNDEtMmQzMmM0MzEzYWI0

Request Chain 411

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEDTVyXc4nxFyZGj_4ersOjo&google_cver=1

Request Chain 420

https://www.awin1.com/cshow.php?s=2898042&v=8361&q=383360&r=235229&pref1=59913200139931600719594011691006&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=e12ee390-010a-11ec-bfe3-692d0dec5663&v=8361&r=235229&q=383360&s=2898042&viewref=59913200139931600719594011691006&pv=1

Request Chain 429

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5cx-RWoJTiHlWFYLL12mLsFB_Q8vLLUs_vBblQCgmcB1obAD0c0ac HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5cx-RWoJTiHlWFYLL12mLsFB_Q8vLLUs_vBblQCgmcB1obAD0c0ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2sxN0VpSkUxTWdLV1A1&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5cx-RWoJTiHlWFYLL12mLsFB_Q8vLLUs_vBblQCgmcB1obAD0c0ac

Request Chain 430

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnhiK6JdcYKaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnhiK6JdcYKaw

Request Chain 431

https://a.tribalfusion.com/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 432

https://um.simpli.fi/gp_match?google_gid=CAESEGOAR570s9UcEKcbkP-CzS4&google_cver=1&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38&google_tc=

Request Chain 434

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOBCtLaLIWTZVq9hudefCCk&google_cver=1&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71xCmE_7M9rlD9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5ODE3OTY3ODcyMjUyMTIyOA%3D%3D&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71xCmE_7M9rlD9g

Request Chain 435

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJvjDFi4lEE6-J7Rc9DFKcs&google_cver=1&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdOSJh0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdOSJh0&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D

Request Chain 442

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX47jK6r6R-28 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX47jK6r6R-28

Request Chain 443

https://um.simpli.fi/gp_match?google_gid=CAESEGOAR570s9UcEKcbkP-CzS4&google_cver=1&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc&google_tc=

Request Chain 444

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJvjDFi4lEE6-J7Rc9DFKcs&google_cver=1&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9AuAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9AuAQ&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D

Request Chain 445

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGEmwRGLpwiWLQlOJffSrSM&google_cver=1&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpErsgLCrR3K_hn18EXxzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpErsgLCrR3K_hn18EXxzw

Request Chain 446

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ1djdFchjaElAJibwgjyNs&google_cver=1&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2hwKF81ftIdQKfBCdMfjqkHxJo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NKNTUyVDktMVQtOE1OWA==&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2hwKF81ftIdQKfBCdMfjqkHxJo

Request Chain 447

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc=

Request Chain 448

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPqDHbuR1vW0U3TxgNynvt0&google_cver=1&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqGMJAZTso55I9kjxqcc2hA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqGMJAZTso55I9kjxqcc2hA&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D

Request Chain 458

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=59913200139931600719594011691006&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

Request Chain 459

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=59913200139931600719594011691006&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

473 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dynamo.kiev.ua/ 285 KB
285 KB 165ms
151ms Document
text/html 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 4a9b9d5bb1a2037e3f74407021658f97cb00560081a0820ddf0523e4174a44b4

Request headers

Host: dynamo.kiev.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 291846
Connection: keep-alive
NGKey: :1:dynamo.kiev.ua:NG:/
Accept-Ranges: bytes

GET
H/1.1 200
OK base.css
dynamo.kiev.ua/static/css/ 260 KB
48 KB 175ms
161ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: ac1a913dcc95f175e5e87c6c6e6020e918ef043f58667137728b83bdb3d78496

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 07:46:45 GMT
Server: nginx
ETag: W/"608a6465-40f80"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 64eec9d3e0b5.css
dynamo.kiev.ua/media/compressed_20160617/css/ 157 KB
29 KB 172ms
158ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 908fdcad42c1c71c866d31279ce83d645ede68d92463f82da9398ac23d059cab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 06:50:39 GMT
Server: nginx
ETag: W/"603748bf-27563"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
92 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 13:44:34 GMT
X-Content-Type-Options: nosniff
Age: 10000
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 93435
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 19 Aug 2022 13:44:34 GMT

GET
H2 200 current-device.min.js Show response
unpkg.com/current-device@0.7.2/umd/ 5 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/current-device@0.7.2/umd/current-device.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e165a8287ac6e993976e0f981ce0196e76bd28cc4daaabcb96a19cfe50629e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11792464
vary: Accept-Encoding
last-modified: Sun, 03 Dec 2017 19:28:23 GMT
server: cloudflare
etag: W/"1244-C1oVKy5WYdxpmb8GTdRAfPdtzkA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 755ae6c44b937bacf09b4ee9be3a57e3
cache-control: public, max-age=31536000
cf-ray: 6814c561a9ab05d0-FRA

GET
H/1.1 200
OK advert.js Show response
dynamo.kiev.ua/static/js/ 19 B
350 B 165ms
152ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/js/advert.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 1b02d366e9e554d2dcc933eb048b1ef9545b9e614fe93e7a56f5e8b949f7217a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Last-Modified: Tue, 11 Aug 2020 13:40:25 GMT
Server: nginx
ETag: "5f329fc9-13"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adriver.core.2.js Show response
dynamo.kiev.ua/static/js/ 6 KB
2 KB 165ms
152ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/js/adriver.core.2.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3637c6e9880a123ca0f1df89d62e47d34cb9be456f345d611731736830137624

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:25 GMT
Server: nginx
ETag: W/"5f329fc9-17b5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 google_preloader.gif
gagadget.com/static/img/ 2 KB
2 KB 200ms
59ms Image
image/gif 195.206.238.150
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gagadget.com/static/img/google_preloader.gif
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.150 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: mobus.magnet.kiev.ua
Software: nginx /
Resource Hash: 6287e31d7f75db73e7e80030621ee27901af0443a8fbfe0ca3f848cb03dd1e5e

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:11 GMT
last-modified: Thu, 08 Feb 2018 11:53:56 GMT
server: nginx
etag: "5a7c3a54-8ad"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2221
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option1.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 70ms
60ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option1.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 6100eca91d6e1c24b6b03a47c56d75e5cd5b00a8fdaa0f978ce70b663531275e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:29 GMT
Server: nginx
ETag: W/"5f329fcd-8d3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option2.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 69ms
59ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option2.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: e47a810324bd2222c6e525e48401b464b092c0dac0456efe3cc5e639381fe3b4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:26 GMT
Server: nginx
ETag: W/"5f329fca-924"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reg-option3.png
dynamo.kiev.ua/static/img/ 3 KB
3 KB 73ms
64ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/reg-option3.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3c711655f4879ba2f24540a5ef9426b3a6799376b0c2eb5e49e7acc8413decd5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-bcc"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ajax-loader-big.gif
dynamo.kiev.ua/static/img/ 7 KB
7 KB 69ms
59ms Image
image/gif 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/ajax-loader-big.gif
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: "5f329fcb-1aa4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6820
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bda53db6b8a88796c72a242b0b2d419b.jpg
dynamo.kiev.ua/media/cache_new/bd/a5/ 29 KB
29 KB 365ms
61ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/bd/a5/bda53db6b8a88796c72a242b0b2d419b.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3d9f04cbe6599ad92206814b3052aedafdc16546f8fed451330dbe6ba8bc9533

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 19:29:05 GMT
Server: nginx
ETag: W/"611d5f81-72c5"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 610493f302e9af63f5e794b1e534c479.jpg
dynamo.kiev.ua/media/cache_new/61/04/ 22 KB
23 KB 74ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/61/04/610493f302e9af63f5e794b1e534c479.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: a836c2023f627f18338381430c931e9a18a22ac2cac00bb9320a9b1e62ffe6ba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:36:08 GMT
Server: nginx
ETag: W/"611e4228-595a"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK d36a1379f472b526ff5676001795a5c6.jpg
dynamo.kiev.ua/media/cache_new/d3/6a/ 16 KB
17 KB 75ms
61ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/d3/6a/d36a1379f472b526ff5676001795a5c6.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 1798a1e584e484d096db10a29783e5ff35d0f3a1ffbe5e3a9d2a5f57f7666b4e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 09:10:31 GMT
Server: nginx
ETag: W/"611e2007-41b0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK e82bf3ccc031dcb3d1afb32ad2f62c33.jpg
dynamo.kiev.ua/media/cache_new/e8/2b/ 15 KB
15 KB 186ms
62ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/e8/2b/e82bf3ccc031dcb3d1afb32ad2f62c33.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 83155da2af076779cb4a4c037f4be3d13d39b474a39b4ee05e42878a1451f2e1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 08:25:01 GMT
Server: nginx
ETag: W/"611e155d-3c10"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ffe2194ba6fc671fb8ce3143d7e6f2c2.jpg
dynamo.kiev.ua/media/cache_new/ff/e2/ 20 KB
20 KB 141ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/ff/e2/ffe2194ba6fc671fb8ce3143d7e6f2c2.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3788187f3f173638a102d4b80b9c05cc7477eb11587611e9473105ff7b3c211e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 07:11:31 GMT
Server: nginx
ETag: W/"611e0423-4f76"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 407e2bbe798108d1a81b4a81f3914767.jpg
dynamo.kiev.ua/media/cache_new/40/7e/ 26 KB
26 KB 75ms
61ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/40/7e/407e2bbe798108d1a81b4a81f3914767.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: b218dddc76f73dcfe7037df4b4137e436c833be749b76c64773e31a9545751d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 06:22:45 GMT
Server: nginx
ETag: W/"611df8b5-68aa"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 89b7c969858dbd99fd7da4ca5933c27e.jpg
dynamo.kiev.ua/media/cache_new/89/b7/ 27 KB
27 KB 138ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/89/b7/89b7c969858dbd99fd7da4ca5933c27e.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 7e9744959ddb0a3df5497d00e6de392a97ebedfa76d6fca4be894cdd3fc4dc28

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 19:43:53 GMT
Server: nginx
ETag: W/"611d62f9-6a95"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK match-center.js Show response
dynamo.kiev.ua/comp/ 8 KB
1 KB 60ms
59ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/comp/match-center.js?cache_ttl=32
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: ef4c46de8b89124e73c15f69a9f8701dc97c753e8d4da2b0b4213e29db5bdde5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
NGKey: :1:dynamo.kiev.ua:NG:/comp/match-center.js?cache_ttl=32

GET
H2 200 02e94e67ee2daab8ff77b99033d25729.jpg
dynamo.kiev.ua/media/cache_new/02/e9/ 825 B
657 B 247ms
59ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/02/e9/02e94e67ee2daab8ff77b99033d25729.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

84cfe80cbf4ef91de23ab0e989a3a2cdf560497884587ed28d54f76157482202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 06:28:50 GMT
server: nginx
etag: W/"5e12d3a2-339"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 bcb37a33e43ec5d6dd06b9a55713c93c.jpg
dynamo.kiev.ua/media/cache_new/bc/b3/ 2 KB
2 KB 247ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/bc/b3/bcb37a33e43ec5d6dd06b9a55713c93c.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

13feafcfc8a8db3c7cf089bb046bf3b9e6938a80434cdb6ce5db913b16707e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 08:29:22 GMT
server: nginx
etag: W/"5de76e62-82d"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 5b87e244a6de8ef53a2c950d49a5a00f.jpg
dynamo.kiev.ua/media/cache_new/5b/87/ 1 KB
1 KB 247ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5b/87/5b87e244a6de8ef53a2c950d49a5a00f.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

c3608675638c9ef92ebfd5f2a24dd34efad9106d33848bf8c7a5098ad753ef73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 08:38:42 GMT
server: nginx
etag: W/"5de77092-55a"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 659251c94b67c5dd4259623fd7949245.jpg
dynamo.kiev.ua/media/cache_new/65/92/ 902 B
743 B 201ms
61ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/65/92/659251c94b67c5dd4259623fd7949245.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4e1d6b0424b6498e3263709d5c1ad917adcfcd1616d12e0a8d76a06966321d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 18:59:40 GMT
server: nginx
etag: W/"5e30849c-386"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 fd05622a83e625e7a2962246f095a03a.jpg
dynamo.kiev.ua/media/cache_new/fd/05/ 889 B
704 B 185ms
61ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/fd/05/fd05622a83e625e7a2962246f095a03a.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

5cda162b99a364a831afad4248df66c83cab5f60b90740e4e18483bffc326657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 09:11:35 GMT
server: nginx
etag: W/"5dcd1a47-379"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2

200

ajax-loader.gif
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/ajax-loader.gif
https://dynamo.kiev.ua/static/img/ajax-loader.gif

3 KB
3 KB

63ms
63ms

Image
image/gif

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/ajax-loader.gif

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: "5f329fcc-c88"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3208
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/ajax-loader.gif
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 064bc5e2c3802bec97715d3fca792907.jpg
dynamo.kiev.ua/media/cache_new/06/4b/ 5 KB
6 KB 163ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/06/4b/064bc5e2c3802bec97715d3fca792907.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 4351f4867e6f3849a65e2a18237739b953d15284cc3e79c36c82c080e472777a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 08:17:06 GMT
Server: nginx
ETag: W/"6107aa02-1586"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

83ba5f202349ea78f002bf9c1e1ca3b2.jpg
dynamo.kiev.ua/media/cache_new/83/ba/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg
https://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg

7 KB
7 KB

64ms
64ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

05d6ada36b93b38fdc94de0d188c1be38759aef8376c757ab4d77be4b6d95cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 15:08:23 GMT
server: nginx
etag: W/"611e73e7-1ac9"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/83/ba/83ba5f202349ea78f002bf9c1e1ca3b2.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

03c765843cfc1ba1962266978080cb56.jpg
dynamo.kiev.ua/media/cache_new/03/c7/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg
https://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg

9 KB
9 KB

66ms
65ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

8adc6eec51e8014b829a3b123862328c6f5664606536aa88248c04ba1ee85f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 05:51:19 GMT
server: nginx
etag: W/"6118ab57-23da"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/03/c7/03c765843cfc1ba1962266978080cb56.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

e1316735e867966c0862262d67552409.jpg
dynamo.kiev.ua/media/cache_new/e1/31/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg
https://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg

8 KB
8 KB

71ms
71ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e4e00ee8ee2a71f474720f75726ec887a80d4af4f742e90f38dbf5fe0a2b0804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 16:24:28 GMT
server: nginx
etag: W/"5fc7bfbc-1ebb"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/e1/31/e1316735e867966c0862262d67552409.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

00665e01d886dd4c14c521e9a9fe1601.jpg
dynamo.kiev.ua/media/cache_new/00/66/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg
https://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg

11 KB
11 KB

63ms
62ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

401f1494fe91e393cdc5ce0877b387145cf5c4fad5a8fda0ec58d076739a9ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 13:08:48 GMT
server: nginx
etag: W/"611e57e0-2bbf"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/00/66/00665e01d886dd4c14c521e9a9fe1601.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

089d937d5bb07dbbdb15e90570dabb51.jpg
dynamo.kiev.ua/media/cache_new/08/9d/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg
https://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg

11 KB
11 KB

61ms
61ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

252107cdbdacc81564de96d49995ea876f6619256292250c7bd9df385c2264f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 13:05:48 GMT
server: nginx
etag: W/"611e572c-2d07"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/08/9d/089d937d5bb07dbbdb15e90570dabb51.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

a725913033fae6fa6a0f1ad523d91958.jpg
dynamo.kiev.ua/media/cache_new/a7/25/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg
https://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg

5 KB
5 KB

62ms
62ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

c00115da47a9a2822d819c2c13a8311e053508d429c1e32d7753893fc4781c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Sat, 23 Mar 2019 19:39:52 GMT
server: nginx
etag: W/"5c968b88-14fc"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/a7/25/a725913033fae6fa6a0f1ad523d91958.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

77c5c97d66e067d5aa42e08e8f475368.jpg
dynamo.kiev.ua/media/cache_new/77/c5/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg
https://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg

7 KB
7 KB

63ms
63ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9da06ded639bbbda77a0b99f1bbe4af2e2fc1b7ff959680da43e38c27620a9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 03:26:44 GMT
server: nginx
etag: W/"611494f4-1a43"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/77/c5/77c5c97d66e067d5aa42e08e8f475368.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

5a6b47acf8956603a4d9926bed83fa1d.jpg
dynamo.kiev.ua/media/cache_new/5a/6b/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg
https://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg

11 KB
11 KB

61ms
61ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4c4f4878360a93949cbf773ac6ac5df00d8624eab13c1903a2dd6ce72984227b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 07:36:31 GMT
server: nginx
etag: W/"611e09ff-2a41"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/5a/6b/5a6b47acf8956603a4d9926bed83fa1d.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c6660daadcaf5d2e4f3981ea541497a5.jpg
dynamo.kiev.ua/media/cache_new/c6/66/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg
https://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg

11 KB
11 KB

61ms
61ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

613cbf3e9249195cf0d74842dcb0fd29a16f59239b2994ea806d650f47b9cd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 06:22:21 GMT
server: nginx
etag: W/"611df89d-2b5d"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c6/66/c6660daadcaf5d2e4f3981ea541497a5.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_sp7wyk7b/version/100002/width/368/height/185/quality/75/type/3/ 9 KB
10 KB 256ms
61ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_sp7wyk7b/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: c18ce067343c84afaa3729213315946397b66fc07702952e6ca044d655e96805

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Thu, 19 Aug 2021 03:34:50 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 9561
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_4199hqfw/version/100002/width/368/height/185/quality/75/type/3/ 14 KB
14 KB 256ms
61ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_4199hqfw/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 0d24b76fcbb426a2b64f195f0abc1ed28586adcd3d53b33742c5255dd86c06ec

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Tue, 17 Aug 2021 03:52:58 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 13874
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_o3njsnv7/version/100002/width/368/height/185/quality/75/type/3/ 12 KB
13 KB 255ms
61ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_o3njsnv7/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 06a6e3cbe316a1d8d0cb8ab4d822ae8ff26c572fcd55f8b45bde9dab62d38ef0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Mon, 16 Aug 2021 18:22:40 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 12529
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_5qi621ni/version/100002/width/368/height/185/quality/75/type/3/ 11 KB
11 KB 255ms
62ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_5qi621ni/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: 7c8b7bf3ef34cf4fac2b53d0ae3654a9a5e795e035a68d6784662296d298f9b7

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Mon, 16 Aug 2021 05:49:55 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 10912
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_kw357a8e/version/100002/width/368/height/185/quality/75/type/3/ 15 KB
16 KB 247ms
62ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_kw357a8e/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: efb294012ce5a020cea43f3e82bb67df1fce7c700fbdea1f839cfd7418b87054

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Sun, 15 Aug 2021 08:37:16 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 15720
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK /
video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_4at91kl4/version/100002/width/368/height/185/quality/75/type/3/ 14 KB
14 KB 318ms
62ms Image
image/jpeg 195.206.238.120
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video2.magnet.kiev.ua/p/102/sp/10200/thumbnail/entry_id/0_4at91kl4/version/100002/width/368/height/185/quality/75/type/3/
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.206.238.120 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: orto.magnet.kiev.ua
Software: Apache /
Resource Hash: cbd689dba070d6391d14a2d68ea9c22daec63a4324184a98723f88413c616844

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Kaltura: cached-dispatcher-thumb
Pragma
Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-modified: Sat, 14 Aug 2021 18:24:56 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, max-stale=0
X-Me: video2.magnet.kiev.ua
Connection: close
Accept-Ranges: bytes
Content-Length: 13893
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H2

200

b02215378ef28d983303d5b96a66e84b.jpg
dynamo.kiev.ua/media/cache_new/b0/22/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg
https://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg

62 KB
62 KB

62ms
62ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

db6dd4c8d548276dea74617cf8b239f0c5e64719c3d42c254b2b968f43ad381b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 10:24:54 GMT
server: nginx
etag: W/"611e3176-f82e"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b0/22/b02215378ef28d983303d5b96a66e84b.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

1df83b3b2b4f0bde103d8fb37fec2652.jpg
dynamo.kiev.ua/media/cache_new/1d/f8/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg
https://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg

79 KB
79 KB

91ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

f5895d8277e704aa7255eab9359fc37a650f1da0423fdafadc97016a91b20572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:35:49 GMT
server: nginx
etag: W/"611e25f5-13ad5"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/1d/f8/1df83b3b2b4f0bde103d8fb37fec2652.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

38bc38fc34e412bf44bff236fad10080.jpg
dynamo.kiev.ua/media/cache_new/38/bc/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg
https://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg

64 KB
64 KB

93ms
93ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

efc21afbba198218d0a5d17500c337a32d34441d6c9606c3a775fd53b22c42a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 20:35:16 GMT
server: nginx
etag: W/"611d6f04-1017f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/38/bc/38bc38fc34e412bf44bff236fad10080.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

f3edfe12238e9bb193026705844cd883.jpg
dynamo.kiev.ua/media/cache_new/f3/ed/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg
https://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg

8 KB
8 KB

93ms
93ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

c68d5d46195ea04f1f331d4d7291e4506ca9edc817b095bddecaf655a112be20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 20:02:08 GMT
server: nginx
etag: W/"611d6740-21b0"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/f3/ed/f3edfe12238e9bb193026705844cd883.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

05e337118657c0742b868579e1b88c22.jpg
dynamo.kiev.ua/media/cache_new/05/e3/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg
https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

63 KB
63 KB

88ms
88ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

745f50aec35e5fb8fad46d0a46cdbfa9a6931d641ef72fec0151f60e1b269821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Sat, 31 Jul 2021 13:06:11 GMT
server: nginx
etag: W/"61054ac3-fb19"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/05/e3/05e337118657c0742b868579e1b88c22.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
dynamo.kiev.ua/media/cache_new/b2/d8/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

24 KB
23 KB

104ms
103ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1e736902d8b319f63bc705c5d8a0673e31559639fafddb31b8b0bea85f981718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 17:10:41 GMT
server: nginx
etag: W/"6102e111-5ebc"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b2/d8/b2d88ce7a6e48fd5ea6f74bebe04fadf.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
dynamo.kiev.ua/media/cache_new/5a/1f/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

65 KB
66 KB

69ms
68ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

951bddc2ab1583eee8f4d77d9044c9c5b9081cb584b0a4ac3bb85d9a58e051eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 02:30:37 GMT
server: nginx
etag: W/"6088c8cd-1054d"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/5a/1f/5a1f65a31d5b2f8c5bb26357353fe7d5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

0ea6704373d9a1bd16e1796de8b64eb1.jpg
dynamo.kiev.ua/media/cache_new/0e/a6/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg
https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

46 KB
46 KB

93ms
92ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

caae3cca7abf35ee3a61a44711a2c704bf36bc779d05f29e728eced9c1950ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 23:08:12 GMT
server: nginx
etag: W/"6066525c-b75e"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/0e/a6/0ea6704373d9a1bd16e1796de8b64eb1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
dynamo.kiev.ua/media/cache_new/fb/2b/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

70 KB
70 KB

92ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

74a8ab213434825377631ff36d6153feffc0e62b0794b67c9a7ed6371d14fcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 00:50:49 GMT
server: nginx
etag: W/"6063c769-11767"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/fb/2b/fb2b6d8a78fb19334c0dbdb5fb6c2054.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

1b66b6dea36954b3fbfaf6bd6df978c4.jpg
dynamo.kiev.ua/media/cache_new/1b/66/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg
https://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg

45 KB
45 KB

90ms
90ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

43972fc48215109a3cf57c94545d81497abd31ec33aa5935748489da98eea0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 18:46:02 GMT
server: nginx
etag: W/"6062206a-b2eb"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/1b/66/1b66b6dea36954b3fbfaf6bd6df978c4.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

085689bf3429dd5fe396faae14428578.jpg
dynamo.kiev.ua/media/cache_new/08/56/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg
https://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg

75 KB
75 KB

87ms
87ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9fe50e39280b3bb056f2446ae348f26dff7d83a787036e95c1ab4bd805cf03b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 22:22:43 GMT
server: nginx
etag: W/"6116f0b3-12c5e"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/08/56/085689bf3429dd5fe396faae14428578.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

6ae9b313ac2d1343ebb4d09aaab13c32.jpg
dynamo.kiev.ua/media/cache_new/6a/e9/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg
https://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg

64 KB
64 KB

78ms
77ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

7b4d4d0804fc70019f56a690c25e8c68b435050f32bb85645eb6c8a9db2f2756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Sun, 23 May 2021 19:54:04 GMT
server: nginx
etag: W/"60aab2dc-ff30"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/6a/e9/6ae9b313ac2d1343ebb4d09aaab13c32.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

0f8ef8af703fc23896bf9047fe2abe48.jpg
dynamo.kiev.ua/media/cache_new/0f/8e/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg
https://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg

38 KB
38 KB

80ms
80ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d3a73184cdb3ffbbb08f64fae22ecfbbc55e5eef672b78ad0045fc5709ae4058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 22:04:06 GMT
server: nginx
etag: W/"6089dbd6-97df"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/0f/8e/0f8ef8af703fc23896bf9047fe2abe48.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c932f455affe4b88ccf3b01754a6e2b8.jpg
dynamo.kiev.ua/media/cache_new/c9/32/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg
https://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg

47 KB
47 KB

91ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

61686615e341466c7d3cbcc992bad3ea8787ffa631f88fdd33a69a8fe9e0d7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 20:53:02 GMT
server: nginx
etag: W/"6085d6ae-bc9f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c9/32/c932f455affe4b88ccf3b01754a6e2b8.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

7745535c8fd9ef0e6858d8b5db8fd996.jpg
dynamo.kiev.ua/media/cache_new/77/45/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg
https://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg

85 KB
85 KB

76ms
76ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dc095111c4e77408c17a759350475a765a6bfcc3e8c6de47473433a736f1380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Sun, 18 Apr 2021 20:56:28 GMT
server: nginx
etag: W/"607c9cfc-15338"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/77/45/7745535c8fd9ef0e6858d8b5db8fd996.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

90b6d8a005da7ac91eb14b048277921e.jpg
dynamo.kiev.ua/media/cache_new/90/b6/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg
https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

56 KB
56 KB

92ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

446900dce4d576e503d418d5557b3aee48920950b97fd52c09814dcf843ad610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Sun, 26 Jan 2020 20:40:08 GMT
server: nginx
etag: W/"5e2df928-df0f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/90/b6/90b6d8a005da7ac91eb14b048277921e.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c3280934c0597426df3b84932ba87bee.jpg
dynamo.kiev.ua/media/cache_new/c3/28/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg
https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

38 KB
38 KB

89ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

7aa978f16c3a830e2a59d13ec0e39dbb8e02f6700f402d98bcd0a05598b8a70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2019 07:38:06 GMT
server: nginx
etag: W/"5ccd415e-9863"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c3/28/c3280934c0597426df3b84932ba87bee.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

e7eaf02a4ba0d781939e7e807b972966.jpg
dynamo.kiev.ua/media/cache_new/e7/ea/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg
https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

74 KB
74 KB

90ms
90ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

03fa5c882e72e615179dd04be0a422d4c37a71a8c5a3bad03609a11b514212ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 23:23:26 GMT
server: nginx
etag: W/"5c941cee-1281f"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/e7/ea/e7eaf02a4ba0d781939e7e807b972966.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

bf9cb15e6f1e91e114864c412aa6d367.jpg
dynamo.kiev.ua/media/cache_new/bf/9c/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg
https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

58 KB
58 KB

90ms
89ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

dd42860af2e0ef10161df8c08a1f5737c84cc8f5adc3c6ae3b5064aedb44756e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 15:28:12 GMT
server: nginx
etag: W/"5c87d00c-e761"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/bf/9c/bf9cb15e6f1e91e114864c412aa6d367.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

c49656d35a49efd14d99cb8e791fcd82.jpg
dynamo.kiev.ua/media/cache_new/c4/96/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg
https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

52 KB
52 KB

93ms
93ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

8a0894f5aaf596f3664b20cedcb9e9ce030f0dd54d69f46a4c94bf853b1e337b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 14:27:04 GMT
server: nginx
etag: W/"5c87c1b8-d13c"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/c4/96/c49656d35a49efd14d99cb8e791fcd82.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

b4ab6a53ccef1a7117997b3fe2f28147.jpg
dynamo.kiev.ua/media/cache_new/b4/ab/
Redirect Chain

http://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg
https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

61 KB
61 KB

91ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

2c554812d1e758ce5a7aff596d5fd1b4ff48afdf6ad2f8355eed198261cb923c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 26 Feb 2019 15:32:09 GMT
server: nginx
etag: W/"5c755bf9-f3ec"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;

Redirect headers

Location: https://dynamo.kiev.ua/media/cache_new/b4/ab/b4ab6a53ccef1a7117997b3fe2f28147.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 18f75ca084ac48bdc30f930153f2f88c.jpg
dynamo.kiev.ua/media/cache_new/18/f7/ 12 KB
12 KB 115ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/18/f7/18f75ca084ac48bdc30f930153f2f88c.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 8b95912e10acc46f5f4a88296d5ce833c0906262afc4448ee3af7b038c5a62f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 06:14:50 GMT
Server: nginx
ETag: W/"611b53da-2eb5"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 6619aabb3649ad07f2726b4bb184c33d.jpg
dynamo.kiev.ua/media/cache_new/66/19/ 10 KB
10 KB 156ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/66/19/6619aabb3649ad07f2726b4bb184c33d.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 8eeb5f3377ddddb0e03cdc1574b71c8730779256af87bfe0bea8ed6df131fadc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 13:38:16 GMT
Server: nginx
ETag: W/"60e45cc8-270c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK a562b9434b45f630004119067d5e9561.jpg
dynamo.kiev.ua/media/cache_new/a5/62/ 16 KB
16 KB 127ms
60ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/a5/62/a562b9434b45f630004119067d5e9561.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: e6571b99b98aef2eb857c2791a7eef70a72acc2e81f6a6eb7a8390c9e966e006

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 18:49:31 GMT
Server: nginx
ETag: W/"611d563b-4004"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 4ffdf153cc6768cd5845b4b8d3a27afb.jpg
dynamo.kiev.ua/media/cache_new/4f/fd/ 9 KB
9 KB 176ms
59ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/4f/fd/4ffdf153cc6768cd5845b4b8d3a27afb.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: b1de40891c11d79bf163929246bd07d9674bd5d45def3e494999ee980597bcb6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 09:21:57 GMT
Server: nginx
ETag: W/"611e22b5-23dc"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 45cf1b41354f15719508eeaf6a11b86e.jpg
dynamo.kiev.ua/media/cache_new/45/cf/ 6 KB
6 KB 162ms
59ms Image
image/jpeg 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/media/cache_new/45/cf/45cf1b41354f15719508eeaf6a11b86e.jpg
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 990cb8ca8afe9ba007c99216f8967e78141d4e437dbaabcd70891e9a748b550c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 10:52:09 GMT
Server: nginx
ETag: W/"611e37d9-1848"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK red-reward-middle.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 155ms
59ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/red-reward-middle.png?V1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 2f4faffda5a29748db5441d3dd9ba18a57b17bf7d95e7f8f9259689fb0db69cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-885"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK blogs_w.png
dynamo.kiev.ua/static/img/ 2 KB
2 KB 175ms
59ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/blogs_w.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: ab6b2c6c46d0928ca186f28567dc85e2daf2549309a8ec100d995163a39baa82

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-95e"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

post342808.jpg
dynamo.kiev.ua/media/posts/2020/03/31/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg
https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

37 KB
36 KB

89ms
86ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1044a2d2d749c4044aeb1a23fcbe9bcc9d373f66791503593d91fb260c217f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 09:55:35 GMT
server: nginx
etag: W/"5e831397-9290"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/31/post342808.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

ruk1.jpg
dynamo.kiev.ua/media/posts/2020/03/03/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg
https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

44 KB
41 KB

80ms
80ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

0eb266aad0b6eedff13ea2b3677ca4259a5629a3503c182aa137b6870466b807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 12:41:32 GMT
server: nginx
etag: W/"5e5e507c-b02b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/03/ruk1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

kol1.jpg
dynamo.kiev.ua/media/posts/2020/03/05/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg
https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

132 KB
132 KB

82ms
82ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

0e742061b7b95c780006ef36f592530945a422277247333be8a38e43a4fcd3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 10:02:44 GMT
server: nginx
etag: W/"5e60ce44-20ffe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/03/05/kol1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

cpa1.jpg
dynamo.kiev.ua/media/posts/2020/02/26/
Redirect Chain

http://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg
https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

52 KB
51 KB

94ms
94ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

da493df9f8dc6a697f2dccf4cc64e5d5edd5445ea7033c0364f492848c195095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Wed, 26 Feb 2020 13:47:35 GMT
server: nginx
etag: W/"5e5676f7-d05d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/media/posts/2020/02/26/cpa1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

orphus.gif
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/orphus.gif
https://dynamo.kiev.ua/static/img/orphus.gif

2 KB
2 KB

81ms
81ms

Image
image/gif

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/orphus.gif

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ecfb8b0439da5fdccf9c2256c0ee89ab13534176f55f2f5553037296960cee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: "5f329fcc-64a"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1610
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/orphus.gif
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK footer2.css
dynamo.kiev.ua/static/holding/ 3 KB
1 KB 60ms
59ms Stylesheet
text/css 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/holding/footer2.css
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 0014a8628e795ff94e5d28b199d188366da8679b396757e5cc872957561345ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dynamo.kiev.ua/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:21 GMT
Server: nginx
ETag: W/"5f329fc5-bd9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK autoUpdate.adriver.js Show response
ua-content.adriver.ru/plugins/ 5 KB
5 KB 148ms
86ms Script
application/x-javascript 31.28.167.67
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://ua-content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/js/adriver.core.2.js
Protocol: HTTP/1.1
Server: 31.28.167.67 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7dc82ff0bb83a56217791ba200123129226d99ed95b3900888b238f1ea008983

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:14 GMT
Last-Modified: Thu, 08 Jul 2021 13:48:26 GMT
Server: nginx
ETag: "60e7022a-126d"
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: close
Accept-Ranges: bytes
Content-Length: 4717
Expires: Thu, 19 Aug 2021 17:31:14 GMT

GET
H/1.1 200
OK loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
30 KB 22ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ac946aca1da2553ef9e8d0184abbcd1f9d12d263898d7dfa552f6fde6a93f24f

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc28
Date: Thu, 19 Aug 2021 16:31:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:33 GMT
Server: nginx
ETag: W/"611e508d-15709"
Transfer-Encoding: chunked
X-Cached-Since: 2021-08-19T16:30:57+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Cache: HIT
Connection: keep-alive
Expires: Thu, 19 Aug 2021 13:47:45 GMT

GET
H/1.1 200
OK b.js Show response
cdn.trafficdok.com/libs/ 2 KB
2 KB 53ms
30ms Script
application/javascript 84.16.240.93
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.trafficdok.com/libs/b.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Server

84.16.240.93 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

4b65d247321388f4a244635e89734d23ddd0ba58413d383a2f793c8273ce85a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 11 Nov 2020 10:35:49 GMT
Server: nginx
ETag: W/"5fabbe85-902"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Fri, 20 Aug 2021 16:31:14 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 173ms
164ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png?v1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 95ms
60ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shop-icons.png
dynamo.kiev.ua/static/img/ 23 KB
22 KB 123ms
61ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/shop-icons.png?v2
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5bf3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pkYDSlCHbDnBWPT5PPFFTA.ttf
themes.googleusercontent.com/static/fonts/ptsans/v5/ 433 KB
230 KB 31ms
9ms Font
font/ttf 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/ptsans/v5/pkYDSlCHbDnBWPT5PPFFTA.ttf

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://dynamo.kiev.ua
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 18:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234617
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 18:39:39 GMT

GET
H2

200

ok-label.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/ok-label.jpg
https://dynamo.kiev.ua/static/img/ok-label.jpg

5 KB
5 KB

68ms
67ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/ok-label.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d82652907e4bac8318c0fa574645fda913602cb39063afe12947539f28073bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-1426"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/ok-label.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fail-label.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fail-label.jpg
https://dynamo.kiev.ua/static/img/fail-label.jpg

5 KB
5 KB

91ms
91ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fail-label.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

96bc31dad93511cb788799c0fad76aaf3b9fc5855bf59a246b9e376958522404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-13d2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fail-label.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK all-action.js Show response
dynamo.kiev.ua/static/js/ 4 KB
2 KB 142ms
59ms Script
application/javascript 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL: http://dynamo.kiev.ua/static/js/all-action.js?v8
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 9b04c768886d0bd0169a22e9d9084cf66dc8879babe4c44e61541940ded24061

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://dynamo.kiev.ua/
Cookie: b=b
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:25 GMT
Server: nginx
ETag: W/"5f329fc9-11ff"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

post.safe.delete.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/post.safe.delete.js
https://dynamo.kiev.ua/static/js/post.safe.delete.js

299 B
496 B

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/post.safe.delete.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

6f06190a9eea6cc20582fa356d9c5607ad7cf43db99377fec129b190e88455aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/post.safe.delete.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.spandata.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.spandata.js
https://dynamo.kiev.ua/static/js/jquery.spandata.js

807 B
586 B

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.spandata.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

04c3803e1c0b06730edd71c100252e947fc16c5a89227aa495442dc1c3355970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-327"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.spandata.js
Non-Authoritative-Reason: HSTS

GET
H2

200

http://dynamo.kiev.ua/static/js/login.js?v4
https://dynamo.kiev.ua/static/js/login.js?v4

4 KB
1 KB

61ms
61ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/login.js?v4

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

53c6d64604561a4a307fb3b74d187903a20cb1f6a7b42245aaa318f5803f478c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-1007"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/login.js?v4
Non-Authoritative-Reason: HSTS

GET
H2

200

hover.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/hover.js
https://dynamo.kiev.ua/static/js/hover.js

176 B
375 B

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/hover.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

28a4855b721e72c54d221f461a55f5e8ddc79cd337932df6cac7980de9a62f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/hover.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.cookie.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.cookie.js
https://dynamo.kiev.ua/static/js/jquery.cookie.js

4 KB
2 KB

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.cookie.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-1096"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.cookie.js
Non-Authoritative-Reason: HSTS

GET
H2

200

money.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/money.js?v21
https://dynamo.kiev.ua/static/js/money.js?v21

8 KB
3 KB

60ms
60ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/money.js?v21

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

37941d2b1432f086358b059b7d64d9d30399858862f16ecda247d351258d4881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-1fba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/money.js?v21
Non-Authoritative-Reason: HSTS

GET
H2

200

subscriptions.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/subscriptions.js
https://dynamo.kiev.ua/static/js/subscriptions.js

212 B
422 B

60ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/subscriptions.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e2f02f34765f57754e2503f10d7f8936a759abe34b4c087f163ccee94597989e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-d4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/subscriptions.js
Non-Authoritative-Reason: HSTS

GET
H2

200

bootstrap.js Show response
dynamo.kiev.ua/static/bootstrap/js/
Redirect Chain

http://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js
https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

58 KB
11 KB

64ms
64ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

32150435e7483d330aede0098d0b1fc9d61d3a34e8f5358b08a736c3606560a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-e775"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/bootstrap/js/bootstrap.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.jcarousel.min.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js
https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

17 KB
5 KB

61ms
61ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

199c6645a72f24059216d021778b4602a4b9892fa5d068e266a28b4e3d87c6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-443a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery.jcarousel.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

fanzone.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/fanzone.js?v8
https://dynamo.kiev.ua/static/js/fanzone.js?v8

3 KB
1 KB

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/fanzone.js?v8

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4abfec0add66154f7a20f565a8a5d41654364fa81de4b0b375c3a8c67330eaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-b40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/fanzone.js?v8
Non-Authoritative-Reason: HSTS

GET
H2

200

prebid2.41.0.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/prebid2.41.0.js
https://dynamo.kiev.ua/static/js/prebid2.41.0.js

119 KB
39 KB

87ms
87ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/prebid2.41.0.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1b94247f3e2baaa9a8a062de0446ceac23b5f0dd12e005acdbda28fc554ab812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-1dc48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/prebid2.41.0.js
Non-Authoritative-Reason: HSTS

GET
H2

200

prebid-units.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/prebid-units.js
https://dynamo.kiev.ua/static/js/prebid-units.js

3 KB
1 KB

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/prebid-units.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

ab177098c8c57fab5c6bc3b5dde2aea18d459ff6c09f94cbdaf1974bb077dcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/prebid-units.js
Non-Authoritative-Reason: HSTS

GET
H2

200

blog-list.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/blog-list.js
https://dynamo.kiev.ua/static/js/blog-list.js

274 B
461 B

60ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/blog-list.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4f300d0799f69110cc1c1798e4ab6f5adf02f1b82020e350767d24c40cedefb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-112"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/blog-list.js
Non-Authoritative-Reason: HSTS

GET
H2

200

newsblogs-widget.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7
https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

2 KB
811 B

59ms
59ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

66a31c4266316ef767a4bff1f75fe8563ba9a4c40272daf07b13ce91f1077233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-613"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/newsblogs-widget.js?v7
Non-Authoritative-Reason: HSTS

GET
H2

200

tv-index.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/tv-index.js?v5
https://dynamo.kiev.ua/static/js/tv-index.js?v5

3 KB
2 KB

68ms
67ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/tv-index.js?v5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

cdea454724c45ad926434ca19806637461a5de4bcea8e092ddca7db571dc3a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-dd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/tv-index.js?v5
Non-Authoritative-Reason: HSTS

GET
H2

200

imp-matches-widget.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5
https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

5 KB
2 KB

68ms
68ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

4d4e47b54747bf336a7d03b85326a04f7df56a924124a0b869b46111b27bf184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:24 GMT
server: nginx
etag: W/"5f329fc8-15bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/imp-matches-widget.js?v5
Non-Authoritative-Reason: HSTS

GET
H2

200

social_lightbox.js Show response
dynamo.kiev.ua/static/js/
Redirect Chain

http://dynamo.kiev.ua/static/js/social_lightbox.js?v2
https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

3 KB
1 KB

63ms
62ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/social_lightbox.js?v2

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

350fa9c2a785b663adc8330ab9b4f0b033bd8e8626ce1776a2825c2f2cc2b48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-bb4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/social_lightbox.js?v2
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.countdown.js Show response
dynamo.kiev.ua/static/js/jquery-countdown/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

32 KB
9 KB

62ms
62ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

1032682ae485621f8b00c3a942a01e6d6e9e7df45115fb9c08cce0f994bf5ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-811f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown.js
Non-Authoritative-Reason: HSTS

GET
H2

200

jquery.countdown-ru.js Show response
dynamo.kiev.ua/static/js/jquery-countdown/
Redirect Chain

http://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js
https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

1 KB
834 B

63ms
62ms

Script
application/javascript

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

9dede4ed705f42e8b4dfec0c4932132d7e0bd215cbd591db77566176de24c935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:25 GMT
server: nginx
etag: W/"5f329fc9-410"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/js/jquery-countdown/jquery.countdown-ru.js
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_1.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_1.jpg
https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

37 KB
37 KB

90ms
85ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_1.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

8c8a76d38a81e3e9005bbaed9a6660426c03d066ff88a47001f2d749270bc4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:26 GMT
server: nginx
etag: W/"5f329fca-95db"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_1.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_2.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_2.jpg
https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

39 KB
38 KB

69ms
62ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_2.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

3b02fb712038660f6a953365e718456dd14686dfa562df6d772fc9713e32db50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-9a39"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_2.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_3.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_3.jpg
https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

21 KB
21 KB

65ms
64ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_3.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

484e048a19f2d1d120d469e566c755d51c4d5336b9c46d8b6527a24d86aa0295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:28 GMT
server: nginx
etag: W/"5f329fcc-54e2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_3.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_4.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_4.jpg
https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

29 KB
28 KB

104ms
101ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_4.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

07c7bb3189d22677dca36bd8990a1c71f5c2990752682ddb50cd50a1a525ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-75c2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_4.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_5.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_5.jpg
https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

21 KB
20 KB

100ms
96ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_5.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

835e9fa3c02a45ec17bfafa1c1c56cc200ca10a89272db36b25147ca440311d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:26 GMT
server: nginx
etag: W/"5f329fca-5476"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_5.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

fan-banner_6.jpg
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/fan-banner_6.jpg
https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

29 KB
27 KB

100ms
96ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/fan-banner_6.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d52e181f46fce3de01823cc23c23bad4016aba88ad12b4bba4841cfd12fad7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-7353"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/fan-banner_6.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

purse.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/purse.png
https://dynamo.kiev.ua/static/img/purse.png

1 KB
1 KB

91ms
90ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/purse.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d9c0c3e85c6295e5353777a2989538dba3911ed55b196cfe4e6681c90f85335c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-47b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/purse.png
Non-Authoritative-Reason: HSTS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H3ZT0JTLM0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b787d0da21cabc15baeb0e6de1bc4a2bdb1d0d10ce1800e4058e333e101329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51343
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:14 GMT

GET
H/1.1 200
OK digits.png
dynamo.kiev.ua/static/img/ 1 KB
2 KB 122ms
72ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/digits.png?v=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 93cfd03da1c6421843afe6319577a726851ddd53558995ba88fd91dae8902103

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-5e9"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg-imp-arrows.png
dynamo.kiev.ua/static/img/ 3 KB
3 KB 135ms
59ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/bg-imp-arrows.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 52af586d9dc2f808b3ee4a93bf22e4c8e85f477ad1c291660aae1ca6d387a4f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:28 GMT
Server: nginx
ETag: W/"5f329fcc-c13"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g46X4VH_KHOWAAa-HpnGPi3USBnSvpkopQaUR-2r7iU.ttf
themes.googleusercontent.com/static/fonts/ptsans/v5/ 459 KB
244 KB 28ms
28ms Font
font/ttf 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/ptsans/v5/g46X4VH_KHOWAAa-HpnGPi3USBnSvpkopQaUR-2r7iU.ttf

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://dynamo.kiev.ua
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249365
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:10:35 GMT

GET
H/1.1 200
OK rss.png
dynamo.kiev.ua/static/img/ 915 B
1 KB 174ms
59ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/img/rss.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: 3e084365b8c06972b05bb7f7920e9a7a3a8688f52ceaadc55995521bd932f130

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/static/css/base.css?v=20210628
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:27 GMT
Server: nginx
ETag: W/"5f329fcb-393"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK glyphicons-halflings-white.png
dynamo.kiev.ua/static/bootstrap/img/ 9 KB
9 KB 186ms
60ms Image
image/png 195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings-white.png
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Protocol: HTTP/1.1
Server: 195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: trono.magnet.kiev.ua
Software: nginx /
Resource Hash: f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dynamo.kiev.ua
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Aug 2020 13:40:29 GMT
Server: nginx
ETag: W/"5f329fcd-2249"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

bg-post-comments-small.png
dynamo.kiev.ua/static/img/
Redirect Chain

http://dynamo.kiev.ua/static/img/bg-post-comments-small.png
https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

190 B
433 B

60ms
59ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/img/bg-post-comments-small.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/css/base.css?v=20210628

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

724b85d2225037fa105d8e07b27119480f21f68cb74ba298b841ed337cd8da1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:27 GMT
server: nginx
etag: W/"5f329fcb-be"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/img/bg-post-comments-small.png
Non-Authoritative-Reason: HSTS

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 7874 637 B
537 B 21ms
6ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

server: nginx
date: Thu, 19 Aug 2021 16:31:14 GMT
content-type: text/html
last-modified: Thu, 19 Aug 2021 12:37:29 GMT
vary: Accept-Encoding
etag: W/"611e5089-27d"
expires: Sat, 20 Aug 2022 13:37:17 GMT
cache-control: max-age=31622400
access-control-allow-origin: *
cache: HIT
x-cached-since: 2021-08-19T13:37:17+00:00
x-id: fr5-up-gc14
content-encoding: gzip

GET
H/1.1 200
OK a6c594b5e52a93d3c19f.b.js Show response
cdn.admixer.net/scripts3/ 92 KB
27 KB 13ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e6ecc3beb03f58388cb5a5329040fb1b97ef3a36af6bb499a8fe5d5e4ceb182a

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc34
Date: Thu, 19 Aug 2021 16:31:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:26 GMT
Server: nginx
ETag: W/"611e5086-16fc0"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:24+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:24 GMT

GET
H/1.1 200
OK 2da3a1f7c5b623b3c382.b.js Show response
cdn.admixer.net/scripts3/ 91 KB
26 KB 13ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 15d9e92ad2b1c3d7a0dd6988d4d787197c2c8b9c16ee2874da3ecdf43c99e181

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc29
Date: Thu, 19 Aug 2021 16:31:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:21 GMT
Server: nginx
ETag: W/"611e5081-16d4a"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:22+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:22 GMT

GET
H2

200

glyphicons-halflings.png
dynamo.kiev.ua/static/bootstrap/img/
Redirect Chain

http://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png
https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

12 KB
13 KB

62ms
61ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/media/compressed_20160617/css/64eec9d3e0b5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:29 GMT
server: nginx
etag: W/"5f329fcd-31ff"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/bootstrap/img/glyphicons-halflings.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 204
No Content load Show response
z.cdn.trafficdok.com/ 0
432 B 55ms
15ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficdok.com/load?z=1681292205&div=f0c6mva7of4&cw=1600&ch=1200&sr=1600x1200&df=1&tz=120&bh=2&tl=612&hc=12&n=1629390674629&url=dynamo.kiev.ua%2F&vc=0&ti=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&zyx=2433290145
Requested by: Host: cdn.trafficdok.com
URL: http://cdn.trafficdok.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:14 GMT
Cache-Control: no-cache, must-revalidate
Expires: -1
Server: nginx
Connection: keep-alive
P3P: policyref="http://z.cdn.adbetnet.io/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK /
c.bigmir.net/ 476 B
731 B 202ms
48ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?s5613&t8&c1&d24&r1600
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 4982372fbf7b48657a5534aff52529f126f49936ea492aaa53b4308c687c84bf

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048

420 B
906 B

62ms
60ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

914fa458362d7990d189b4879662799e8f6c435bd5cafa8984057344d20d6f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 420
Expires: Tue, 18 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//dynamo.kiev.ua/;0.8557373905610048
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 18 Aug 2020 21:00:00 GMT

GET
H2

200

bg_mFooter.jpg
dynamo.kiev.ua/static/holding/footer2/img/
Redirect Chain

http://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg
https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

8 KB
7 KB

107ms
107ms

Image
image/jpeg

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/holding/footer2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

7466c425ec745183e05ffd580822e2df7acb736e4b012888990a81ffe0de632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:21 GMT
server: nginx
etag: W/"5f329fc5-217d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/holding/footer2/img/bg_mFooter.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

logo.png
dynamo.kiev.ua/static/holding/footer2/img/
Redirect Chain

http://dynamo.kiev.ua/static/holding/footer2/img/logo.png
https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

5 KB
5 KB

108ms
107ms

Image
image/png

195.206.238.20
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dynamo.kiev.ua/static/holding/footer2/img/logo.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/static/holding/footer2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.206.238.20 , Ukraine, ASN6849 (UKRTELNET, UA),

Reverse DNS

trono.magnet.kiev.ua

Software

nginx /

Resource Hash

e59498ff950418bc1fd339aa191bafb81a74ec94d640c8b45940e44ee9051aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Aug 2020 13:40:21 GMT
server: nginx
etag: W/"5f329fc5-14c7"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubdomains;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://dynamo.kiev.ua/static/holding/footer2/img/logo.png
Non-Authoritative-Reason: HSTS

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

14ms
13ms

Script
text/javascript

2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2298
date: Thu, 19 Aug 2021 15:52:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 19 Aug 2021 17:52:57 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

150ed51dfb3afae5c2f4617e7ede3e86b5c2da5f73856189982345f491c328b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KsZzZ/Wl+DBzPDDiGvuFxg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: wLn+YQjCbxv2B/qaKqhViJ4D9Mon0cO8lRnTDhZJZruWSmIFeaR+piz8UXYdNdfKnAJ9tnjrKnLt+2vZNjsFQw==
x-fb-trip-id: 917726464
x-fb-content-md5: f4090659fd77d3263e4c40e9ad2f11f1
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:31:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "63bc793e20989cb2888686bbd2a9a787"
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:42:40 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 204
No Content load Show response
z.cdn.trafficdok.com/ 0
176 B 15ms
14ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficdok.com/load?z=1825282040&div=c97websdva8&cw=1600&ch=1200&sr=1600x1200&df=1&tz=120&bh=2&tl=612&hc=12&n=1629390674629&url=dynamo.kiev.ua%2F&vc=0&ti=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&zyx=2433290145
Requested by: Host: cdn.trafficdok.com
URL: http://cdn.trafficdok.com/libs/b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:15 GMT
Cache-Control: no-cache, must-revalidate
Server: nginx
Connection: keep-alive
Expires: -1

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 6 KB
3 KB 204ms
147ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9426269637967196&cpv=95c4c545-affb-7396-20d9-f235581a6bae&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22aca1fc47-de7e-3800-29ac-98b643430769%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fdynamo.kiev.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2292a5ddf0-5b0e-3115-0a78-73877a641656%22%2C%22tagid%22%3A%226f66d37e-5989-4e49-8e9b-1699cfca899d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_6f66d37e59894e498e9b1699cfca899d_zone_22896_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%223d77689a-b88e-abff-f73f-fae595a73bb4%22%2C%22tagid%22%3A%22f155fab6-1745-4c06-b9cd-46de4a227ea7%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_f155fab617454c06b9cd46de4a227ea7_zone_37796_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22df03af7b-3c21-bced-2b4e-45905ea06093%22%2C%22tagid%22%3A%2216f37bdc-0b5f-4235-ba65-d61a77e35e25%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_16f37bdc0b5f4235ba65d61a77e35e25_zone_37797_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2214eadec2-9be8-8fa3-3853-236e668aff8a%22%2C%22tagid%22%3A%221ee7e353-94de-4344-a59a-7f085b148644%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ee7e35394de4344a59a7f085b148644_zone_37800_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22c3e93f3a-778e-f7a5-3b4c-491e28f85ac8%22%2C%22tagid%22%3A%22ff94c55c-a4b6-4582-91b4-448c06e6549d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ff94c55ca4b6458291b4448c06e6549d_zone_37801_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22a7cfc968-face-f8eb-21de-b0f9c664143a%22%2C%22tagid%22%3A%22371e73f5-9f85-4bf5-a811-87cda8e1dc6b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_371e73f59f854bf5a81187cda8e1dc6b_zone_22897_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A6%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

334033d698a958acf808075fc21a28659eded82daa90c20e45e34b5b2537f397

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 2334
X-Xss-Protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
71 B 13ms
12ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H3ZT0JTLM0&gtm=2oe8g0&_p=976597661&sr=1600x1200&ul=en-us&cid=1840762763.1629390675&_s=1&dl=http%3A%2F%2Fdynamo.kiev.ua%2F&dt=%D0%94%D0%B8%D0%BD%D0%B0%D0%BC%D0%BE%20%D0%9A%D0%B8%D0%B5%D0%B2%20%D0%BE%D1%82%20%D0%A8%D1%83%D1%80%D0%B8%D0%BA%D0%B0%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D0%B5%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0&sid=1629390675&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3ZT0JTLM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 47 KB
6 KB 694ms
642ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1199481460177822.5&cpv=95c4c545-affb-7396-20d9-f235581a6bae&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%229a57a7c5-b669-6ce8-4ad3-b4cde342623f%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fdynamo.kiev.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220fcee34c-1649-03f5-35b9-06580a44fc53%22%2C%22tagid%22%3A%22752e7067-2ab4-4356-a9a8-56143c99ee21%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_752e70672ab44356a9a856143c99ee21_zone_5382_sect_440_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22f9e3058c-d7d3-e448-35e4-b43772d8cb21%22%2C%22tagid%22%3A%22296b5670-49a2-42b8-bf85-3d039da56b6a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_296b567049a242b8bf853d039da56b6a_zone_22898_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2269f1085d-fcd6-6dcf-f46c-1ac2dbfd3da6%22%2C%22tagid%22%3A%22ed65a398-e39c-4c65-8a6e-d40de05ef36a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ed65a398e39c4c658a6ed40de05ef36a_zone_22906_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%226cf2ca86-befc-2e13-0f06-9fba5df9bfd8%22%2C%22tagid%22%3A%225cb0175c-f2a1-4368-b48b-daa798038bd2%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_5cb0175cf2a14368b48bdaa798038bd2_zone_22895_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2233c3f8c2-32d8-2ab9-36c1-c26f0c89c649%22%2C%22tagid%22%3A%228f65d4c9-bee6-4152-9a61-4400a5130b12%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8f65d4c9bee641529a614400a5130b12_zone_22905_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%224f916350-18f7-7ab7-76b8-8843d8b6636d%22%2C%22tagid%22%3A%2245b41efb-e90b-48c6-9279-355d175966f5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_45b41efbe90b48c69279355d175966f5_zone_22894_sect_6968_site_427%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%2229916b0f-87ab-d2ed-bbdd-162b2f41d626%22%2C%22tagid%22%3A%22348355ac-0bab-4840-80b7-d6e34e44e130%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_348355ac0bab484080b7d6e34e44e130_zone_22900_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22d45c1681-8788-28f9-fbc3-77501be6d6cf%22%2C%22tagid%22%3A%228bbe821d-6929-4cad-8c60-6ae2360f3890%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8bbe821d69294cad8c606ae2360f3890_zone_22902_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22eac03e15-3506-5388-953a-f895e5c0148b%22%2C%22tagid%22%3A%22822b2297-e3ec-45d7-ae43-6f9014855eec%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_822b2297e3ec45d7ae436f9014855eec_zone_22903_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22f3a8d506-c658-dfa0-2f98-44344e24f94f%22%2C%22tagid%22%3A%223165bf57-bd28-4874-a861-9403c76a3659%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_3165bf57bd284874a8619403c76a3659_zone_22904_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22c1767d41-1f1d-8f20-c5eb-8437e47f947d%22%2C%22tagid%22%3A%2296660d65-1922-4012-81dc-e9d2ea8db1b0%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_96660d651922401281dce9d2ea8db1b0_zone_22909_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22b92df731-7e2c-4446-e84c-5c5e0cd69935%22%2C%22tagid%22%3A%221bc8fc4d-620b-40ca-8e28-03ea36dc881d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1bc8fc4d620b40ca8e2803ea36dc881d_zone_22910_sect_6968_site_427%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A12%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

20945bc99b4d16143ff9cb534d0459a0a0daef202d28973224dec2eb2a45c451

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 5249
X-Xss-Protection: 0

GET
H3-29 200 all.js Show response
connect.facebook.net/ru_RU/ 235 KB
68 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=c24cae60b50f19961d109e3b6e84961a

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80c34c6aee79bcd098096035a375086b502905b64fec1de8485818fcef92eaa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://dynamo.kiev.ua
Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: q4t+c0EPypSoJ9qVcJNXbg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69793
x-fb-rlafr: 0
x-fb-debug: iZcjX6StAu4K3984yLIHj4EBnr17D82MEHFdK3CAxY00KQaluc/ErNkaTk4EMjSJOmT4uycAw5QeRN6FoTrftg==
x-fb-content-md5: 2089174a55529d33bd9ca177346a943e
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:31:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d783a9e1a6f63c77f6708577bbdbe5f0"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Aug 2022 14:05:34 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=952558201&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utm...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=952558201&utmhn=dynamo.kiev.ua&utme=8(User)9(Anonymous)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&ut...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201&slf_rd=1&random=1026338664

42 B
107 B

30ms
29ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201&slf_rd=1&random=1026338664

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2421725-22&cid=1840762763.1629390675&jid=1766138724&_v=5.7.2dc&z=952558201&slf_rd=1&random=1026338664
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 30ms
30ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=126265284105784&input_token&origin=1&redirect_uri=http%3A%2F%2Fdynamo.kiev.ua%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=c24cae60b50f19961d109e3b6e84961a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: lAs10aS2xdPjq7t1MdcUpWmjUaBYt0XiRKD2C9u4SbpHTzB2OpFNksJp4rY24qgwYfnGvC9blVNsNUm1GfNtQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 Aug 2021 16:31:15 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 67dba407fcc5ab79043b.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
12 KB 7ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/67dba407fcc5ab79043b.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226c802d800809388911724cb2866ef95a953f3b7d7724952eeb9c1a8c5010e

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc29
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:23 GMT
Server: nginx
ETag: W/"611e5083-7029"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:17+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:17 GMT

GET
H/1.1 200
OK af7db8beb1a5649acc6d.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
19 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/af7db8beb1a5649acc6d.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 00cad9aa25489d2031eb7aef51ed841f897e49310be617b14b48fcf4d906d3d5

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc34
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:27 GMT
Server: nginx
ETag: W/"611e5087-a7af"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:25+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:25 GMT

GET
H/1.1 200
OK b151d9f35dabae5dcea2.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 12ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/b151d9f35dabae5dcea2.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4de9266c522a99881e22118b28fb5e3659e5a0aa009f49832b93c6bdb7d10511

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc15
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:27 GMT
Server: nginx
ETag: W/"611e5087-326c"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:20+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:20 GMT

GET
H/1.1 200
OK 053bdd204aaa71167403.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/053bdd204aaa71167403.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0bccd3bcce9ea545911e4e4c3605b70d765db2ae7c905ef02177b53e13deb737

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc34
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:18 GMT
Server: nginx
ETag: W/"611e507e-2a79"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:25+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:25 GMT

GET
H/1.1 200
OK f1550df51649571806fd.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
74 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/f1550df51649571806fd.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ba7410275f7a284d77019e31244ef5a1f02bfc30c5690ba31f7ec9cc75af5c27

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ID: fr5-up-gc29
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 12:37:32 GMT
Server: nginx
ETag: W/"611e508c-355a9"
Vary: Accept-Encoding
X-Cached-Since: 2021-08-19T13:37:18+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Sat, 20 Aug 2022 13:37:18 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 53ms
20ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0DFC4821C44416DB39B4F5E9D949DB0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa

56 B
174 B

53ms
53ms

Image
image/gif

194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0DFC4821C44416DB39B4F5E9D949DB0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
content-type: image/gif
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0DFC4821C44416DB39B4F5E9D949DB0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a533dde650034ddf9f322c95df1db6aa
date: Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-cache
server: nginx/1.13.0
content-length: 0
expires: -1

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESELmDtJk_khfp6E-IgFbpXbQ&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa

35 B
351 B

56ms
19ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=a533dde650034ddf9f322c95df1db6aa&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=a533dde650034ddf9f322c95df1db6aa&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=8524b107-05d2-52e7-ac20-ddfecd3e5aad&ssp=admixer&expires=30&user_group=1
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

43 B
448 B

28ms
28ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=
date: Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

15ms
15ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT, Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 19 Aug 2021 16:31:15 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 101ms
31ms Image
image/gif 52.213.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=a533dde650034ddf9f322c95df1db6aa&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.253.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-253-90.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:15 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4903570474
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ATNWAVkOrybKpNfijZR1_fg

43 B
448 B

39ms
38ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ATNWAVkOrybKpNfijZR1_fg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:15 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ATNWAVkOrybKpNfijZR1_fg
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 17ms
16ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=a533dde650034ddf9f322c95df1db6aa
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YTUzM2RkZTY1MDAzNGRkZjlmMzIyYzk1ZGYxZGI2YWE=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa

35 B
351 B

17ms
16ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=a533dde650034ddf9f322c95df1db6aa
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8524b107-05d2-52e7-ac20-ddfecd3e5aad

43 B
448 B

233ms
233ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8524b107-05d2-52e7-ac20-ddfecd3e5aad

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=8524b107-05d2-52e7-ac20-ddfecd3e5aad
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 72 KB
25 KB 33ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0c7428a5368d1e1f867cd11d09ad58291afb94f287b671fb27803bc38e0928ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "963 / 697 of 1000 / last-modified: 1629385140"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25435
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 80ms
26ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=a533dde650034ddf9f322c95df1db6aa&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=997120df-3923-4fde-b61e-14a9e2562666&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C1%2C491&ts=637649874751819844&ap=MA%3D%3D&asign=-1233949871&sync=3%2C45&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=aba35822-afd4-43c4-9f24-a4bee16505f8&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 80ms
28ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=a533dde650034ddf9f322c95df1db6aa&cet=4&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=997120df-3923-4fde-b61e-14a9e2562666&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=aba35822-afd4-43c4-9f24-a4bee16505f8&inst=ADS-EU-6&ts=637649874751819844&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-29 200 pubads_impl_2021081801.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
115 KB 477ms
447ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118094
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
118 B 59ms
30ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2d24328d97b1db03c805527dccc25d795d527bb27887aa1c89e4e90e90634065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:15 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 26ms
25ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 18ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 22ms
21ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 18ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 17ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F

28 B
553 B

57ms
56ms

Script
text/javascript

37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b14c6a85e087cd9d51bdb74c7cd922665ba2b8cc5da07cd0e49f29bb6ef48dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 148
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_680803&url=http%3A%2F%2Fdynamo.kiev.ua%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 26ms
26ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 27ms
27ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 28ms
27ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 28ms
28ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 24ms
24ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 28ms
28ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/a6c594b5e52a93d3c19f.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dynamo.kiev.ua
date: Thu, 19 Aug 2021 16:31:15 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 cm-notify
creativecdn.com/ 42 B
243 B 20ms
19ms Image
image/gif 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:15 GMT, Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
148 B 32ms
31ms Image
image/gif 52.213.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=e4b56348d9514638bc3d8378dfdcd07c&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.253.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-253-90.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:15 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 18ms
17ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=e4b56348d9514638bc3d8378dfdcd07c
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTRiNTYzNDhkOTUxNDYzOGJjM2Q4Mzc4ZGZkY2QwN2M=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTRiNTYzNDhkOTUxNDYzOGJjM2Q4Mzc4ZGZkY2QwN2M&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEKbbNsklRVuGfj25MEu0i6c&google_cver=1
https://x.bidswitch.net/sync?ssp=admixer&user_id=e4b56348d9514638bc3d8378dfdcd07c&gdpr=0&gdpr_consent=null&us_privacy=null
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=4c62d62c-81e5-4692-a889-0f443bfe2a9c
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=4c62d62c-81e5-4692-a889-0f443bfe2a9c
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

43 B
448 B

32ms
32ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=
date: Thu, 19 Aug 2021 16:31:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
174 B 54ms
53ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e4b56348d9514638bc3d8378dfdcd07c
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
content-type: image/gif
expires: -1

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=e4b56348d9514638bc3d8378dfdcd07c&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_068e7443-df2c-4ab3-8c12-7564b5c21faf&bsw_param=4c62d62c-81e5-4692-a889-0f443bfe2a9c&expires=10
https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

43 B
448 B

73ms
41ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=4c62d62c-81e5-4692-a889-0f443bfe2a9c&gdpr=&consent=&gdpr_pd=
date: Thu, 19 Aug 2021 16:31:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 27ms
26ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=96660D65-1922-4012-81DC-E9D2EA8DB1B0&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=7f2fde2c-d9f4-4b0b-bca7-d8d633dfb761&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C491%2C1&ts=637649874751909937&ap=MA%3D%3D&asign=-1446156293&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1DA3 100 KB
36 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b3541d8c9c4d6f20d6bc81fcc22fa9450f48a6a4377b15301bb04d3e8945fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11735731957370103049
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36078
X-XSS-Protection: 0
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 28ms
27ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=8BBE821D-6929-4CAD-8C60-6AE2360F3890&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=f353beea-63f4-4b64-a7bf-0ab651d293a8&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=-847706715&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 27ms
27ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=8BBE821D-6929-4CAD-8C60-6AE2360F3890&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=f353beea-63f4-4b64-a7bf-0ab651d293a8&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3353 100 KB
36 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b3541d8c9c4d6f20d6bc81fcc22fa9450f48a6a4377b15301bb04d3e8945fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11735731957370103049
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36078
X-XSS-Protection: 0
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 28ms
28ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=822B2297-E3EC-45D7-AE43-6F9014855EEC&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=baf125cb-ed9e-4850-bfbc-9664d8241964&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=92045386&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 27ms
27ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=822B2297-E3EC-45D7-AE43-6F9014855EEC&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=baf125cb-ed9e-4850-bfbc-9664d8241964&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 28ms
27ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=3165BF57-BD28-4874-A861-9403C76A3659&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=bece1061-d37e-48f4-9874-660d8feb8401&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C491%2C1&ts=637649874751909937&ap=MA%3D%3D&asign=-2003927560&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 37ms
27ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=3165BF57-BD28-4874-A861-9403C76A3659&rule=8A706655-F96C-45CE-840A-CB9EB7D45A48&requestId=bece1061-d37e-48f4-9874-660d8feb8401&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 27ms
27ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=1BC8FC4D-620B-40CA-8E28-03EA36DC881D&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=23cd0a04-e86c-499c-86a2-3aa2666d9db0&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C491%2C1&ts=637649874751909937&ap=MA%3D%3D&asign=-286832447&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 36ms
35ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=ED65A398-E39C-4C65-8A6E-D40DE05EF36A&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=667fb05e-57f9-41b8-ac11-b6c15a1f01bf&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=889704311&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 34ms
33ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=72f13d57-abb8-4807-8780-b95fe9585ae5&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=6%2C491%2C1&ts=637649874751909937&ap=MA%3D%3D&asign=-1847144133&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4399 100 KB
36 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b3541d8c9c4d6f20d6bc81fcc22fa9450f48a6a4377b15301bb04d3e8945fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11735731957370103049
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36078
X-XSS-Protection: 0
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 28ms
27ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=45B41EFB-E90B-48C6-9279-355D175966F5&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=479266b9-1745-4789-b513-89984140ac17&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=-1600560494&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 36ms
35ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=479266b9-1745-4789-b513-89984140ac17&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 35ms
33ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=8F65D4C9-BEE6-4152-9A61-4400A5130B12&device=28&rule=BBA16E76-999A-475D-82BD-116BB5690D55&requestId=b5b57556-1dc8-413b-b32f-cefeaad5fa61&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=-935303050&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AF35 100 KB
36 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b3541d8c9c4d6f20d6bc81fcc22fa9450f48a6a4377b15301bb04d3e8945fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11735731957370103049
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36078
X-XSS-Protection: 0
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 69ms
34ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&device=28&rule=221713D4-72C5-491B-AF53-2E01E02D6E4B&requestId=66b34e43-881c-47da-8d09-3daa472a14a1&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=1198535884&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 36ms
27ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=66b34e43-881c-47da-8d09-3daa472a14a1&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 41ms
26ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=296B5670-49A2-42B8-BF85-3D039DA56B6A&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=f05880e6-0d84-4379-a353-d3c83ea1f940&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=1%2C6%2C491&ts=637649874751909937&ap=MA%3D%3D&asign=-89008012&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 45ms
45ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=296B5670-49A2-42B8-BF85-3D039DA56B6A&rule=8056BFE3-20E9-4468-AEB2-D0CA3D97D64E&requestId=f05880e6-0d84-4379-a353-d3c83ea1f940&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 1DA3 252 KB
94 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 3353 252 KB
93 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame 4399 252 KB
93 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ Frame AF35 252 KB
93 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 35ms
31ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&device=28&rule=838FB5F5-9F82-45FC-902E-7DDA8CEA203F&requestId=72f13d57-abb8-4807-8780-b95fe9585ae5&hp=-1794277686&page=dynamo.kiev.ua%2F&segments=491%2C1%2C6&ts=637649874751909937&ap=MA%3D%3D&asign=-1847144133&sync=45%2C3&bt=3&carr=WorldStream+B.V.&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=4252E48D-BFA6-44BA-8ABF-03CC8F32E858&inst=ADS-EU-6&pxl=0&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&ip=159.48.55.5&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&adv=Adform&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 36ms
32ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&rule=C6004C05-3D56-418F-B7BC-DAF1845CC5AD&requestId=72f13d57-abb8-4807-8780-b95fe9585ae5&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1DA3 204 B
406 B 52ms
50ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3064647383031638&plah=dynamo.kiev.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

32247523683039a015208bec17c20beccddfc2281d31083661666c8c2cd3ec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1DA3 107 B
853 B 42ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1DA3 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8DA 21 KB
10 KB 207ms
205ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae3ee2c41158bfc0e92f0490a35ddaec2eb6e52c7701b42c6c1567c9de1063c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmc9UiAWOAH2HcorNiK97DqL50yhrxwqIStOEsNRzDBzw7-EUvTfzUhxVXnD5U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 16:31:16 GMT
server: cafe
content-length: 9993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DA3 72 KB
28 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
853 B 38ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
19ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
8 KB 300ms
297ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2225001552241854&correlator=2540194293475623&output=ldjh&impl=fif&eid=31062329%2C31062227%2C20211866%2C31062297&vrg=2021081801&ptt=17&sc=0&sfv=1-0-38&ecs=20210819&iu_parts=29636627%2Cdynamo.kiev.ua_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1629390676&dt=1629390676364&dlt=1629390674184&idt=2132&frm=20&biw=1600&bih=1200&oid=3&adxs=1015&adys=289&adks=3945306440&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=300x-1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=976597661&ga_fc=true&fws=4&ohw=370&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6535531dadafc8f6007ac795e52019ffa0ad64d6b4d54db6360acc7c083a1d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7902
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E63 6 KB
3 KB 49ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:31:16 GMT
expires: Fri, 19 Aug 2022 16:31:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 442 B
254 B 500ms
500ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2225001552241854&correlator=2540194293475623&output=ldjh&impl=fif&eid=31062329%2C31062227%2C20211866%2C31062297&vrg=2021081801&ptt=17&sc=0&sfv=1-0-38&ecs=20210819&iu_parts=29636627%2Cdynamo.kiev.ua_728x90_6&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1629390676&dt=1629390676375&dlt=1629390674184&idt=2132&frm=20&biw=1600&bih=1200&oid=3&adxs=215&adys=11870&adks=3523040260&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=770x90&msz=728x-1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=976597661&ga_fc=true&fws=4&ohw=770&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b0fa118fc19e0ea6425d6c31149f9974ffffde5f5d4661d5d96f85d65d9d0f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 728ms
727ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2225001552241854&correlator=2540194293475623&output=ldjh&impl=fif&eid=31062329%2C31062227%2C20211866%2C31062297&vrg=2021081801&ptt=17&sc=0&sfv=1-0-38&ecs=20210819&iu_parts=29636627%2Cdynamo.kiev.ua_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1629390676&dt=1629390676376&dlt=1629390674184&idt=2132&frm=20&biw=1600&bih=1200&oid=3&adxs=215&adys=2869&adks=1024865426&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=370x250&msz=300x-1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=976597661&ga_fc=true&fws=4&ohw=370&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

96ed390d6f23cdc224aac2348b3a6db61ed51d173da81f4e911a6966e27bd03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10031
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
260 B 874ms
873ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2225001552241854&correlator=2540194293475623&output=ldjh&impl=fif&eid=31062329%2C31062227%2C20211866%2C31062297&vrg=2021081801&ptt=17&sc=0&sfv=1-0-38&ecs=20210819&iu_parts=29636627%2Cdynamo.kiev.ua_300x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=23&abxe=1&lmt=1629390676&dt=1629390676378&dlt=1629390674184&idt=2132&frm=20&biw=1600&bih=1200&oid=3&adxs=1050&adys=4058&adks=3449986587&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fdynamo.kiev.ua%2F&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=976597661&ga_fc=true&fws=4&ohw=300&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0d94f2e2229ac84f2fd70e7698826e3654b076fd80e8c797e72dc0a782bdaf3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://dynamo.kiev.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 27ms
27ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=a533dde650034ddf9f322c95df1db6aa&cet=9&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=997120df-3923-4fde-b61e-14a9e2562666&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=aba35822-afd4-43c4-9f24-a4bee16505f8&inst=ADS-EU-6&ts=637649874751819844&sf=0

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 55ms
31ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=348355ac-0bab-4840-80b7-d6e34e44e130

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 53ms
27ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=371e73f5-9f85-4bf5-a811-87cda8e1dc6b

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 82ms
34ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=6f66d37e-5989-4e49-8e9b-1699cfca899d

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3353 204 B
217 B 44ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

16d1b9cbd716cc78592728adf7f741bdba2e0f7834d1b84f1451222b8ec86462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3353 107 B
122 B 34ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3353 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1184 21 KB
10 KB 134ms
133ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eca7aa12672056dfcacdde314f5b5c2f1346d6ed97a2376deecd17780fb9fbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmc9UiAWOAH2HcorNiK97DqL50yhrxwqIStOEsNRzDBzw7-EUvTfzUhxVXnD5U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 16:31:16 GMT
server: cafe
content-length: 10106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3353 72 KB
27 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4399 204 B
215 B 45ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9e58eb23b8d34146dd4b23ff9c371b62278c775222b7ece8a7c28be4141dbe1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4399 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4399 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62BE 20 KB
10 KB 150ms
148ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c59a7beda020a75d3f425fcb416af90e35262e1dd1598b229ba3968d139e9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmc9UiAWOAH2HcorNiK97DqL50yhrxwqIStOEsNRzDBzw7-EUvTfzUhxVXnD5U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 16:31:16 GMT
server: cafe
content-length: 9869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4399 72 KB
27 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame AF35 204 B
216 B 31ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dynamo.kiev.ua&callback=_gfp_s_&client=ca-pub-3064647383031638

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c374507317ba322a3db297f46fdf667abcd2d8f56197da6f1cf1e659e61b838d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame AF35 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame AF35 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dynamo.kiev.ua

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36A0 21 KB
10 KB 137ms
137ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

209a309513e175174b80ab2a79537a219f780ce2989c9b1455c634f7c8ca22e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmc9UiAWOAH2HcorNiK97DqL50yhrxwqIStOEsNRzDBzw7-EUvTfzUhxVXnD5U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 16:31:16 GMT
server: cafe
content-length: 10633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF35 72 KB
27 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame C8DA 2 KB
1 KB 58ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:45:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8DA 124 KB
37 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame C8DA 14 KB
7 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:46:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C8DA 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd--fTX4kWpO9buKfoMeiI3n17kmtSqCrTmoaWse1nXtw2Q8W4kT69LRcM9H7iO6PwhIj1TEaBJJ94E986scm-XVP6UQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8DA 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV7KAVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSmAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXxeRjfyTwF7wkYqIRZOPGjZPzaABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMwNjQ2NDczODMwMzE2MzgYqskg&sigh=oqMVi11jX_g

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 Aug 2021 16:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C8DA 0
0 48ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jpzyrpzz0w1e2s5zeey7f9g34hkhj25mfxr9ddcphsxhpbbe2mwy6tmk6fdw74jybn0r887q97vr8cy9ek3gn3mxrrrt0kv4cyhnv3ew4rczagat11g3fndrdktkbxfqw1whkc84rk50jtmvdpcwpx4vsb7crb03k8ee31359d1by500p432d7z59bhrzpvxcz2ycx4ym7dm4e7pd2b21saq6apse0126kx7rm3be84838pptykynnavmg4fs8ywk81j3h6rk1fsjdry9dbg1s583q9h4yx6qkw1mnf6azvdxc4kckbdcbft4y292kcan4bnsr7ryjqz7ytkha9pszspvz01bcejabktgzkkk3ke667nd2rkrcaa6kg7a5j9s5dj7m0y4&b=YR6HVAAEIt4K5UYEAAOeYeSIx5BJmhtI3Xg80w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 3BC0 2 KB
2 KB 47ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e34492fff6966e0ded2d7e470f377734ba6bb2d43e344859853038af6d9a25a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c57099262bc6-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ADB4 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48131
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 1184 2 KB
1 KB 37ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:45:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1184 124 KB
37 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 1184 14 KB
6 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:46:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1184 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5e5OZb7Evkz4nAvLeg0SwU2ProIH1OTMKAe6L9ymqjNeEumAW4aHx6HE_wcjxURHH90M4ktNiS0CEYfWtSZxK9Jp9CA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1184 0
0 39ms
38ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1wX_VIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSmAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZwppdZZ2udtVQbJ1MRn9Ns-hUeABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMwNjQ2NDczODMwMzE2MzgYqskg&sigh=qDJ8UVXhQjA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 Aug 2021 16:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1184 0
0 28ms
27ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kvfr1g00wg8dgry1frvp5d69dp64ee5bzkn9bfe8q7xga9pe4c80vvfa3xt2enz5wm3b9g7k7bk0ry39a7rrn0d3b0ax8n75682xxqwdhszj39cjtdbcs53x14j54pmesk6y6qm36qjzsnj7fqf1j23zcas4xf5pqfp23cfaceg9h6jkdja8cedtzd8ej8wvvrhcv8612tfesvvca8w97f4tgbt5p3y3ajdgrg0qzgmd9ymc9zd0tnwdjg4e5v6t3vsh3arsq8w2wjgyfqc0rsr5pg0rv4gwb5mewehypms0d6pyg3rbyw99pgd45sez4s5wmn2keqs8h82yj92xdpsb3gw8dhexfrd4z761bfqnjgjna43qr6x7rby3kk25e5sv1rwh4&b=YR6HVAAGlFQIu-IIAAu-2eWQBS7fRxNZyIGhVw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 66A9 2 KB
1 KB 29ms
23ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6241aef2438e8bfeff5b1563cffa3d651739da2b6696ddee09986770d7a433c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7b12
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c570a9282bc6-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B36D 1 KB
749 B 32ms
27ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48131
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ADB4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPLSgbYahz3kDF1ymbqhPCMTJ4Y8YLd0YS3-fuMQuLz3D6TIhAdNaEC2jGBRxHhV9banmTDV24Jna0j66nzveqsnnC6Amg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

43 B
407 B

32ms
12ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614957&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675930&bpp=8&bdt=70&idt=222&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=2&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=728343284&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=8501&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44745303%2C20211866%2C31062182%2C31062297&oid=3&pvsid=320570629779701&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.86kaqvqcx5r7&btvi=1&fsb=1&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_push=AYg5qPIRQEU4rwiwNop9MvAg5BLl0CjvkYXXKe1I8eVfuARa7V-7Zhjpw6...

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_push=AYg5qPIRQEU4rwiwNop9MvAg5BLl0CjvkYXXKe1I8eVfuARa7V-7Zhjpw6AZNXDUbdp9TU0AjUgydNOyJGYDCCTpbBQEKfKuhv4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1629390677.625235,VS0,VE88
x-served-by: cache-ams21081-AMS
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_push=AYg5qPIRQEU4rwiwNop9MvAg5BLl0CjvkYXXKe1I8eVfuARa7V-7Zhjpw6AZNXDUbdp9TU0AjUgydNOyJGYDCCTpbBQEKfKuhv4
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rw...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rwdKF1ez7ysFQ

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rwdKF1ez7ysFQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPI8t5Gs_WPNn_mpcSz07hKLdPp9D-eexWgesOptP50zoXfvSGVzVMQKRxvVYUjAQFjcMtsJJB7LhmMHp6rwdKF1ez7ysFQ
x-host: tde-deliveryengine-production-75454cbd8f-5d7k6
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE3CbEWjaPpUXD0A5gEh3wo&google_cver=1&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA==
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA==&...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA==&google_tc=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJwScNxYo1dJumkL4RDJVEx2pl5KcLRIi7ab9NZguDyrEdnvT3hRjXfeY2fTZpQqgpSY9m6ZdC9ZBiPDn0tLvDo263LDA&google_hm=TGLWLIHlRpKoiQ9EO_4qnA==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGEmwRGLpwiWLQlOJffSrSM&google_cver=1&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw...

170 B
188 B

39ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw3_6DsmcRgiQxpJDmpSE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPL35gunbFCnBOh_spxQDv-LqFcyiE13sEGxc0qWKXXzJS3-c5XQkLQKD3Gsqyh5DvHkgS3TqFJw3_6DsmcRgiQxpJDmpSE
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENHKoPT5V8ncub50kW58CLc&google_cver=1&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8
https://rtb.openx.net/sync/dds?google_gid=CAESENHKoPT5V8ncub50kW58CLc&google_cver=1&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&google_hm=p4dAZgLpxbQI1Ts83crObg==

170 B
188 B

41ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&google_hm=p4dAZgLpxbQI1Ts83crObg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLhIcDFfD5QB5hC1gtN5-OzWzqcnnqPOIzMwSvi6ddIJeZ-FATnF3nX5f4fQ0_aiUiEpi37HfFPJwCVcn4mzRA1-QdwnA8&google_hm=p4dAZgLpxbQI1Ts83crObg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: u341bmeqdd2o5578gdl2mu1ca3mqld58

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ADB4
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOw...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOw...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AF...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKJXOeWnVSefYzZkVqYl_Rg&google_cver=1&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AF...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlMDUwNDM4NC0wMTBhLTExZWMtOTEwZi0wNjcxMGVkZjEyZGM%3D&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlMDUwNDM4NC0wMTBhLTExZWMtOTEwZi0wNjcxMGVkZjEyZGM%3D&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlMDUwNDM4NC0wMTBhLTExZWMtOTEwZi0wNjcxMGVkZjEyZGM%3D&google_push=AYg5qPJidHZiy4GKXBtL3Zmv0LRTVWloUxla1UURAGIO8Gygp5h4AFOwgNvVIFKuc9XCkYhfQj5qKXaPmB58PaYiI9QCJVRrTL8
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ADB4 0
50 B 44ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHXiO-1f8nsEfaRF5sXiOAUMsSyrgo4adX-PCwBCiXozpmdISRuWoZlke-4o8LiZFsR8f_8g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C8DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20837e5ff0650aa9f546e8b338df21849156aa07c12907a5a1cabdbfd7247121

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1184 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 221b9da9d943d28b179cc428ef6a4526db15d2ee140a5b3d9bfe50a200121eda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CBE 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:31:16 GMT
expires: Fri, 19 Aug 2022 16:31:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 62BE 2 KB
1 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:45:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62BE 124 KB
37 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 62BE 14 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:46:16 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 62BE 0
0 31ms
29ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFmEoVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEoAFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MoxT4GN_9ZNK5PyJjwsh5s8a_2gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMDY0NjQ3MzgzMDMxNjM4GKrJIA&sigh=taBg3FEmV68

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 Aug 2021 16:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 62BE 0
0 367ms
366ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gywbm719m09h6fp8jvm22j7j251q164vmfq8z1rekkaann69c0gjgb8c40qjhw41f3syp32b47nv450ny86x2fan8n7qt8t63ahm8rzme7tx2wctjr3wcwee78qqd7fb8h0vee67354p7pxv8br21d0srh6mf6ydm8sptdxmaz2hkwx0823aenmjczshahyvpqh1xz33scwj8jgqqxp839bk3zyntr22z1aznfjtmh3m8s3ffnkprgs5nahtebqjpmscsk4xpj6d1w2bzd1tec8sawakjkymersr3ajt3bgbs9gzm0w5xa2hm7h6fwkz43s8fxyabvtywg8ajje01hk3dmdrckcd16e61mme8z038017wkjd57kzh29zp2k27z5ejazx8&b=YR6HVAAHHoYIu_EhAAZH34GPjWjEsS1jnkN5dQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 1E5B 2 KB
1 KB 20ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2969a8a19f7d23c6f67ab9cc9e0da46b111208e864e8b2572e133cb0c67f1214

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7b12
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c571ab702bc6-FRA
content-encoding: br

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4DC9 1 KB
864 B 11ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48131
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 36A0 2 KB
2 KB 105ms
34ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnM01UTXpNR1V0WXpFNVlTMHdOV1JpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3Mjk1NDY3NzMzNzQzOTM5MzQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGOHZYbGpjTzRNbXRLa045NGpwbmJPay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzI5NTQ2NzczMzc0MzkzOTM0L3pyaC8wLzMzNS83Ny85OTkvMzIyLzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjkzOTA2NzYvMTYyOTQwMzI3Ni80L3B1Yi0zMDY0NjQ3MzgzMDMxNjM4Lw/bUyFzL4a4TCssbxDR_G3NThjz_4&nodeid=1626&group=eu&auctionid=2729546773374393934&shardkey=2729546773374393934&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%26client%3Dca-pub-3064647383031638%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: dd5fb9d26236d1318518587b39b2d39500b894a76499df1331b5826551a76863

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1629390676
Last-Modified: Thu, 19 Aug 2021 16:31:16 GMT
Server: MMBD/3.203.0
x-mm-latency: 4 (3)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x39, zrh-bidder-x137
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 36A0 2 KB
1 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:45:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36A0 124 KB
37 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 36A0 14 KB
6 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 14:46:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 36A0 0
0 17ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTA76QiedMa7zgmWyoIsZrSk2o8AaZl2kJdRR6aKNKXr9wY9deJUvqGmsrsBZq26K4js8fN-lYAW7d3en4VjkDWFRJshA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36A0 0
0 37ms
34ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CILHCVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKEBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvupu7WM4P_yFf62-xf92RDcsE2uABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMDY0NjQ3MzgzMDMxNjM4GKrJIA&sigh=RSCFCasunoU&tpd=AGWhJmvoywxA9wAowiKPrfsihbI08ADzUomS0XX6WzuOUBmQNEHkQFj4VCFmy9ehkm87MYLhrYyWbX3mYUmgkv0PKX-m_1ag1aIHohzhIXMoKOfz72ecRJVHArhy1Mu906RBxl9byXQUNYtknu05GV66jwy1K2rhsYVuyo5YZxtOlvWf3I1lgsOZJ658jYyJELNBvgRKc1hoazidlMmKBh1h4W6SQA0pMiY5LiQGQMZAwqPU7lKpqMzYowW7rRSugp_fWqLSSRc-9u8c0qXwyouyz9AjrKLxGjdOLptFQSMI5aCUa2dmw68B5zzTC3W90D7V25r2XU5wGf8ZYMbAZzjf72vTmRA5weIZPyJTyhTScOHIYXp8dAkREy9QrCDlezD3NzHLd76trAP1DDMh2o-zeMYTUiatPFjVoAupu3xFhqY0SsKapBRvOi8BZQ_Xp43FzWWKkTuaYQ9_w4I97qJtLNayprURzxqnzOYJS-C0zRh9WQeq0R1ZOyv-Ur2juSjTEDZ_9lnhpW5scq2nvbmJ06rXDqipkdc-CSyxb3OiHgKU1lDD1mUvr1-v3Sw8xDquTKj1qwg6NVZHZglvS4yO-rIM6KLcWy5J7XegTQYnyyP46WvTw7y0CJ5wlzUjfJhmOGeJxWTIA9zTwiuOfAd63suwA5p_OuE1zzABW1HeJM_iF-JrOK1dsdCg5nu1rQ3aH6dHxHyJS4kmAVNXeIGTvlZ9i8K9-sThPciXMoi65V7w2VheBz3VEX__00K4o07R2HU7pxDbW9LzSHSmb84BMoQHo7ux-h673eZg5Woty4YAK6Cqbknz6L3IoIAWNqhO2pnYqaNpZ14i2n5xxAsU6z1eznHkmE4kYXHvUxy6AcoRduy1ohZFc3tnNejqMQjfFaQI96XswPJzNrn_IjFXgXRw7bm8qNr64d_THw-EvK3-mUuW-fFHYlA83Z96Etq7axT3G_FIQ7ydDODHEn6fn_DPw2N8wNjfyLRlIb82W2wS7ggceMg04WJWDonTUXOuVPQGz_ZVoZXT_SMuHnxSivA3rOZ85val9ckIt4S96evJnA_Pzr0taIi7PAT3Gy84i73pnw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 Aug 2021 16:31:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 3BC0 58 KB
58 KB 25ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4514338
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAnAdhFNiVoSv%2BQzEQd%2BAXlt3Qc%2FsBX99%2B2pehWwsj0P7J90eVWwTBWi87UlfAJPocgEAzzfsZsV7sg5rCLRDqg7rQlkqvR6%2BuemLb9BAr482mOOHFxl3eJN9uO9E69BJM%2FxeUQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 6814c571bb982bc6-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 3BC0 36 KB
12 KB 26ms
23ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32880
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsq2NemNOBojCtxNObO7QpuBkV%2FLz5iaymBox6IQsD4WiYSv5UybdF%2BMaFL3cUKJQ7Of7x1dljhObMaI4ywiEQ9CNandWXDpOy6f6xmWcrX7b5F0T8UrMXpg8JoZBB11eJGMeRQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Thu, 19 Aug 2021 07:23:16 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6814c571bb9c2bc6-FRA
cf-bgj: minify

GET
H2 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 66A9 58 KB
58 KB 18ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4514338
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB8aHwz2UmJgWYhRbYXeaYF%2FPrrqGazBlrv6dN7tfqHVjMgfQyVYcJRUFR0kUmuNlSOqpqonxtl3paw4wMAaGa0ZNFJVOWmnjTOngz%2B7WIRO%2B%2BI9bk1yzLdlwRaWyu8dxi33wW0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 6814c571bb9b2bc6-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 66A9 36 KB
12 KB 26ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32880
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfmMbshEHjLdHIJHrr1rHGFY2bToAzYI%2FWr6tWLYBjZQkyxWF2S7b9tCWIb1DvES8dLjm1Ik9slRS4yXA6zP0SE19u6gTnh1W0Lsb8l3yA5wQjajJvEQNBRGtP3N%2FlhWo4rHOA8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Thu, 19 Aug 2021 07:23:16 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6814c571bb9d2bc6-FRA
cf-bgj: minify

GET /
google2waycm.netmng.com/cm/ Frame B36D 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B36D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPLfQwqBYr7Ni9cfiytyzBe3WzHl2hktbdzjIYVmP0lrRJkf8VRvWPK_M4Iz_btNsZm74KgUiDlk-Ut2cUCe8OT9YTJ53uc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

43 B
407 B

16ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B36D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVI2SFZBQURvaEtpNGdCZw==&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPLS6RWJcvxr6--BnlepbyX89gsdgY...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVI2SFZBQURvaEtpNGdCZw==&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPLS6RWJcvxr6--BnlepbyX89gsdgYH_kGq4itWdwf3qBb9pS2hgDyVz6UKMkQLK-6TPNMaO6V48ZqO-mUD3DEJsXMV_-as

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629390677.769287,VS0,VE0
x-served-by: cache-ams21081-AMS
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVI2SFZBQURvaEtpNGdCZw==&google_gid=CAESELaXjmT36MQ9s6LwoexCypQ&google_cver=1&google_push=AYg5qPLS6RWJcvxr6--BnlepbyX89gsdgYH_kGq4itWdwf3qBb9pS2hgDyVz6UKMkQLK-6TPNMaO6V48ZqO-mUD3DEJsXMV_-as
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B36D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdmxItgf9h9Nw

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdmxItgf9h9Nw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIfXgKzt1fUdkroaY3zQsg_jG3v9PmI-wwT524BzmZgwR0HYo8B8fuLFkCkZ9jADjpX6DTxwhAOMsrkYDdmxItgf9h9Nw
x-host: tde-deliveryengine-production-75454cbd8f-vzs5f
alt-svc: clear
content-length: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame B36D 43 B
422 B 48ms
14ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOYUm_NpPyI9JmrGxJ6h8Rg&google_cver=1&google_push=AYg5qPIq1sGGZ3OKIsdoGicrjUyKC3ulixrpzqpxQr8QSzKT662VrRkhA3dq6Dp5lt4v20DFXHZatHkHYbKf9AArmMWZBrSp7Zw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 20 Aug 2021 16:31:16 GMT

GET

pixel
cm.g.doubleclick.net/ Frame B36D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poB...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B36D
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPqDHbuR1vW0U3TxgNynvt0&google_cver=1&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQf...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQfcgbn-hFXEsIa0ugMyaV8c&google_hm=MjI5Njk5MDQ...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQfcgbn-hFXEsIa0ugMyaV8c&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKwawyxWLGeqZvc-gp2EbjgfwzkCArKPHpFOjM8EHgAG7jcXiOj3W6UNkM0feFEv6SoB4CyQfcgbn-hFXEsIa0ugMyaV8c&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D
date: Thu, 19 Aug 2021 16:31:15 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame B36D 0
12 B 49ms
33ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGshKn86Azg8zsrcg2TXCMgpRJYq3jAla1fRAk6qVF6KQbjkcXExifpxj6pPsufAy0TWHG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614954&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675939&bpp=19&bdt=70&idt=466&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=2057725617&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=10717&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=1325028995793737&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6hz4atqidvv&btvi=1&fsb=1&dtd=476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EBD8 624 B
297 B 26ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmaibKt5NubTydsa8BBGTAy03IxKmTLj6Dlu750hI4FCwo4Qww8XkoXEpw2P1A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 19 Aug 2021 16:31:16 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7CBE 74 KB
29 KB 62ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbJ1L-BI1eiwX1wzaMqvn0TScXrhibatsPEWj_p9jZQSWJYk4Fn5m2U9uPD-xEjv32lP_PN09XirSy_Kl5jmhFLYqcfVGz9f1K0xLn_yR6mB4yVkzMp1de12Z5MGWMvkKLgvrCzRwbhYU7aVS8xkuGvlbysQ&dbm_d=AKAmf-A22hQm_ILPK0kl2RbbQY1_K2ivMJ8tH4aoCfyT9ORREEknFjg6Gqu7CCKOy5maOJ6JcEXnBKfCa2Qsw9xigUHnidD94y3hMx_-OOW3UqTowKSf-Og3-Icng8H-AHz_f0mj5DZzAGoJ76m27AzX1yMVuKVnIwayb2cXcLrvOSusMrAhgHuavO7bb90-Zwyl4NLPQUQlP-ap2gnVGBjFO-lp3T3QLGbbGrHMXZYXIpzXxjoUewqyHY52SwPuG2HrxOfoUm9Jb96KbIp0tLKz-EGj4fOnTzIP1Ppq6vpB9pkQjvSK9dmhPxBgRFneLOeoYU336OmYecKV9JWcm8f5QTr020UYGoz9WnwdrGIe86ZzyNZFtDwZiIhCW1Zvhwx5S2JB4OnoH9R4e2S2Qa6jZEHvJv2mmc6pgVnBmMHsrexYCCpSGXZF_objjwE3bZ09hm46f5IcJFAsE1R1VqUm-wqQVpaIul7aUZloKFwBJ89eIBdKxhaYdvJZTQOSzq2Unm3LB7AvOyXQX_SFN12n6FqdI2lcsZHaUaKTj4rDkhZL79skAXyE_2clzGQljz3jyaJbSOdHRHIBTyQxY2O6sphKmdqaRcXgFMuRyBBm1S_-Ya-swwq9a5bEFoKlXxXAWvCbqlY05qcM_wHOSSoJ9Lbjv96qlcLt2n-RfcNaQeSGu7L4reDtgKqI0uaavN0hdrgjIcM42ZY3HRcx3FNWfiLjYhMe941KH1-1x9-x3Dngo_WKxjKBGApTiVKoOldNYjOsXfUUXB3nHmr97qTC0cuqwhz7v8xoERhNhAjKkmyKRVdEeRX0AMQ0hEZL30ZE3q3Oh-9ovZg6jBKeSHJcKVa-PvpYBO1MjyXUPVOqDQuWrLA62IGCWd8PJtBzwJwg6BJNblP-ef7TDLR_CKUWb0I4EbKHVNviSegPMVWFODbg2_bFAqWL_PReJJSs3n4regJsuy-4kWDbaatfrzbuein6LLyAbnLcABQZwKVVPHymtaCIE1lPPG56QoM_9COzJTApqMjEXZtkFbLn3b9wnWNYYj2MoEID_HNfl9P-i8PnIukGRcUz_VtgRx81skXziwmQpyUTiW7RvOyHCvrmXSNmJrZNjNDwBN0GwFVfeLYowAmYyXBsnavZmIvw0hGH4oAuKdNSujgpYhsM-4s7HfsAi4DTI-IRV6sdMiso7s2vqIOLPYbCOvl5Q0g_4janc5ixLbq7geG-RPqZAXgrLhSyJyTsCs8YsWRg5JZVigm0eQpdDwbkQutzTQmZXs6lF7xQazS36aVEaPMlRp4FaNM-s0pkHoMtQNwChFEvL1GSTeFHTXZgZx-eZSf6IPBOD_Ap6oqNcUcGZY8Vj7YJXStw0vhSXr9BN4bZi_kYN-tXuYZ_ArxJFIoIbO_QKMMCzo0Jan0z7pejiI312PBuD05E_RJTFImxyN_nGzsCYLkG0DLC3VU1oYUwA5DE5tcfSMo6pbERqlDJQ5iFChKA5iaue4ikSjaDOmVIhM9B7wuXmakr5t_MEn38cfLqvBQHX_hCPn8JRSIU__WfPVtvd05E2v5WKBvTy7mMDVCobecwpujvhmxlduVy5YYbBmHzLaaM80ozITCVO3bpyAVtd2FdDu7YWenowSjifXwDlx4ZQ5i-3jVm2XC6axEQDGHBlXO_jNEo6FSEveAjtoTe487ixWfdK1y93MR_E0Kp25-npDVN8uv2fLeGOATaSCRpxILMYeOzNmfSjKe7T8SJPGIos0D3GMtCoMGBlWLde7xgo9B-hjPMJHxvVdA5_kXmCWPIW6SDfEEscA-BtGxS5R_BxLlTfA0CdFSyBZeGC6Vv8heH1dyksu4Rb-bQZ4zED2a6Fe2uIKZBkcTKxMqlEXFWb2zC37XwJZZtk-wRlRQI3bM5eJBjRpf_X1v83MbWXHIsgnF7m6gx4r9T5zEyntJcB-vyqyGN-Ru4nzn0mTyI4q9LOVdwbQgpThOpYaHCPVTa06u9z_0Cf_Q1_-tN4DjF__jP0TO7NxKtJOQbmii7a5tfIVemBLCDKCkTpzdxA5oemlMPCbEfnvfzi2IzPDJlXWghOLTvkZwErXJi1D0upsvqopFCaJxAFCsyuqF2gElkRlAZO1ZWQ5-axjxLh8Y6-uW5ON8ocGKnO8pq2B57oDhg8V7HzRsw5XztVEicKsaYKgOSkhtMYmXa-aVfyZZw-2hPbbVig9qP1x9eMUd41hqJmrxjn1a9HBQWgqkRC4ZqLJy19OcjrrSPG8LAOsejD__aZfpxE8Yd3yFx4Ot242zKJLFsU6WPk5VOMatuQoHbq5n61Vb7uXmSGoEb_hF8l8PRYvhe1hZ-6gjRmv594ryuVRIjOmsicbryR5liU-XWLtpLoVNOK-1f3kWPstBdzmEgKr1K5VLKH-LS_uq0axayEeSTB31-crKzWWJmtkYvT63Zc8bny0ap0VbFEhlMD6yJvbqzeux1l6qyYVajHoJ1qH1U-IPgD2OiUMaEbd7b5p5vryp1XGv1BOixb_0A21mmAxFdH7sndntArBa30HLb3sjkvdlijxKfad2EuVYSShwLqGl-TCAHncDEWeP7VHE3YMfa2pu5FRR1XS_EL5E8EympPhvayYtWmo810oTbq2oYRyEwKXN5GvSYpRj2QE9a33VXLQFbKp7f3gdERUdVHR_GSTPll5u-2xR-iSdzFAyassu0vyQTduetDyWkT-m7N8Yzf-cmHPVqmZqen4cU-S18gcWSCYEewjwM3I3kxqhyySCgGwMQGeQRAgiM4vAm40aSBBTn6szFc_0_oo8Vh10_JW4mdTdD6yPzzEoeBBaOSp0E0FInpJUCLHYwqcIytZCKiUTzxNfTyPjg8mewxZau8lX-jjgo6LYIP57FkPA2ZdZrfyZnIgeoo5yTcSyRMvGnZOQxC34oBfhBeVZnfIe2x5agIZiSzO7FK3YvHPVwIFnmAlqLXgDBvJsRpOE7L6eSwW0t0PsOlMtLOe4bherikNRxQX8UzetKaoLzYtJ0LmPG631BJvldFPwKtNGHauf8YOOJFrmQBvm6Z-5l_DyvQVs8AU0G2uWGsRalxoW_khsQCa2tgk2XLKnUEUQzyn__10B3FrEN8JLphhkUY6UHhEIdlpY9xXGf74h3aU6WetXwhwS9MarJ96Q-bU5XxjDuA165nWOQgHPoRR-ilOpifEf0F6wT3f4plOnqKycrK-wH7Nvd9pb-5T3RzgAJnPOcf1F8V-nWIyTZxnABcQs&cid=CAASEuRowuh6lf0s0i-il8DwKxNeCw&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

404b87597319d66de8682fa5a1568e08f078f01e4ec15b163f812e3fafd30942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CBE 42 B
63 B 41ms
27ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cql8ROoGHKhe5Qp2v60GIHiAvkrXXE29sJtIfwwHG-7lZXCofC7f-9J0WZv1_k_WVjfEUeMjOYZPnTBP2U3yY1Yb9h9pnm7eozIQXKRWwcwUIatyQ

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7CBE 2 KB
1 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:28:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CBE 124 KB
37 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:16 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7CBE 14 KB
6 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:22:36 GMT

GET
DATA 200
OK truncated
/ Frame 62BE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d0d709374c96411328bfb43c9eabda9466ac51d3b0e195efa2a9badd3dfd7f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3BC0 3 KB
4 KB 40ms
14ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6148294
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuyCRNC%2BGmvP1iU1bxqhDstS2Ocqv69sSIEonF8OMZL5fgEaoh1ZuewtAnVorJa40YMMC1VFu7mYUmQeBmfv3cW9g45LABzRZMFCr7lFSSjtRCfyBFMpgjV1Ge4ihTg6U2VXE7kPINRGXjcKmYwAYt5mSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6814c57258ac2c3a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 66A9 3 KB
3 KB 39ms
16ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6148294
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y%2B3FCgEbGrxIYBrQYQNmf4oWngg7PHJLjCxhPY7FmgOxSNCS%2FXwY2xFFmUsojtz%2FzG%2BPcEl9QiYmOlOn2tD5RImcNSwVtPeHuAOtMKxUcsdErtVWNGRZdAfzSgB3Ev%2F%2BxCRyEBYpUV3eDfYEGNo232ePg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6814c57258b02c3a-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 07A9 2 KB
2 KB 49ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Thu, 19 Aug 2021 17:31:16 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2230518
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dgc%2F%2B9WQuYDYnXTStPsuUcvUq7pgdNPLvFXJF5L%2Bs%2BjhzaN0Q3CP3trXyx%2BxlYwXtXLqiHA7cEx0Ufei1MUxfm5Bv5DBgh6L1QDOKLxZleFSqMe%2BBWoMsnbTy%2FGPvEQJwG9DBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6814c5728f14dfa9-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 2C79 2 KB
2 KB 52ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Thu, 19 Aug 2021 17:31:16 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2230518
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM7vL0jWLAqof9KOQlyTtsXXQBooP5YXoHA%2FcG2ei5qMyd6YrymAjv%2FfUcLkprQmIU9KAoLSUM975GQwqGGN05zmGAGXPvtZs5mRpN10GgTIwzsZB7YIhgh%2BDRcuCJGxQL5x1i8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6814c5728f0fdfa9-FRA
content-encoding: br

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 89ms
31ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=752e7067-2ab4-4356-a9a8-56143c99ee21

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 1E5B 58 KB
59 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4514338
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60R2M%2BajpoRo37dvo0sPbm%2BrKNnbhWNaIWu8ZO80KKVZYYuWMQ1gNh1Wt7RV6kcRZeTEPq%2BW9OxEoO5d7Xd71%2F5f4qv%2BrVA%2F7pqntoIymsGEvxqkoqhS%2FASpKMaWSfOZ42Ji8pU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 6814c5729f20dfa9-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 1E5B 36 KB
13 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Thu, 19 Aug 2021 16:31:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32880
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BQN563sVYKqQtyHST3y4VQZUt%2F8Tc2nEq9%2F8SQyMatyMc6Yl5ac%2F6r9gzylPzNBEPkEaMbnXk8waai4U%2F5s0Ggpz0AjEKi83epBzuGriB22CIqgBMx0UPtp5%2FSDhAkvKWnIwVU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Thu, 19 Aug 2021 07:23:16 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6814c5729f24dfa9-FRA
cf-bgj: minify

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 82ms
28ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8bbe821d-6929-4cad-8c60-6ae2360f3890

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-29 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 7CBE 169 KB
58 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:32:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame 7CBE 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbJ1L-BI1eiwX1wzaMqvn0TScXrhibatsPEWj_p9jZQSWJYk4Fn5m2U9uPD-xEjv32lP_PN09XirSy_Kl5jmhFLYqcfVGz9f1K0xLn_yR6mB4yVkzMp1de12Z5MGWMvkKLgvrCzRwbhYU7aVS8xkuGvlbysQ&dbm_d=AKAmf-A22hQm_ILPK0kl2RbbQY1_K2ivMJ8tH4aoCfyT9ORREEknFjg6Gqu7CCKOy5maOJ6JcEXnBKfCa2Qsw9xigUHnidD94y3hMx_-OOW3UqTowKSf-Og3-Icng8H-AHz_f0mj5DZzAGoJ76m27AzX1yMVuKVnIwayb2cXcLrvOSusMrAhgHuavO7bb90-Zwyl4NLPQUQlP-ap2gnVGBjFO-lp3T3QLGbbGrHMXZYXIpzXxjoUewqyHY52SwPuG2HrxOfoUm9Jb96KbIp0tLKz-EGj4fOnTzIP1Ppq6vpB9pkQjvSK9dmhPxBgRFneLOeoYU336OmYecKV9JWcm8f5QTr020UYGoz9WnwdrGIe86ZzyNZFtDwZiIhCW1Zvhwx5S2JB4OnoH9R4e2S2Qa6jZEHvJv2mmc6pgVnBmMHsrexYCCpSGXZF_objjwE3bZ09hm46f5IcJFAsE1R1VqUm-wqQVpaIul7aUZloKFwBJ89eIBdKxhaYdvJZTQOSzq2Unm3LB7AvOyXQX_SFN12n6FqdI2lcsZHaUaKTj4rDkhZL79skAXyE_2clzGQljz3jyaJbSOdHRHIBTyQxY2O6sphKmdqaRcXgFMuRyBBm1S_-Ya-swwq9a5bEFoKlXxXAWvCbqlY05qcM_wHOSSoJ9Lbjv96qlcLt2n-RfcNaQeSGu7L4reDtgKqI0uaavN0hdrgjIcM42ZY3HRcx3FNWfiLjYhMe941KH1-1x9-x3Dngo_WKxjKBGApTiVKoOldNYjOsXfUUXB3nHmr97qTC0cuqwhz7v8xoERhNhAjKkmyKRVdEeRX0AMQ0hEZL30ZE3q3Oh-9ovZg6jBKeSHJcKVa-PvpYBO1MjyXUPVOqDQuWrLA62IGCWd8PJtBzwJwg6BJNblP-ef7TDLR_CKUWb0I4EbKHVNviSegPMVWFODbg2_bFAqWL_PReJJSs3n4regJsuy-4kWDbaatfrzbuein6LLyAbnLcABQZwKVVPHymtaCIE1lPPG56QoM_9COzJTApqMjEXZtkFbLn3b9wnWNYYj2MoEID_HNfl9P-i8PnIukGRcUz_VtgRx81skXziwmQpyUTiW7RvOyHCvrmXSNmJrZNjNDwBN0GwFVfeLYowAmYyXBsnavZmIvw0hGH4oAuKdNSujgpYhsM-4s7HfsAi4DTI-IRV6sdMiso7s2vqIOLPYbCOvl5Q0g_4janc5ixLbq7geG-RPqZAXgrLhSyJyTsCs8YsWRg5JZVigm0eQpdDwbkQutzTQmZXs6lF7xQazS36aVEaPMlRp4FaNM-s0pkHoMtQNwChFEvL1GSTeFHTXZgZx-eZSf6IPBOD_Ap6oqNcUcGZY8Vj7YJXStw0vhSXr9BN4bZi_kYN-tXuYZ_ArxJFIoIbO_QKMMCzo0Jan0z7pejiI312PBuD05E_RJTFImxyN_nGzsCYLkG0DLC3VU1oYUwA5DE5tcfSMo6pbERqlDJQ5iFChKA5iaue4ikSjaDOmVIhM9B7wuXmakr5t_MEn38cfLqvBQHX_hCPn8JRSIU__WfPVtvd05E2v5WKBvTy7mMDVCobecwpujvhmxlduVy5YYbBmHzLaaM80ozITCVO3bpyAVtd2FdDu7YWenowSjifXwDlx4ZQ5i-3jVm2XC6axEQDGHBlXO_jNEo6FSEveAjtoTe487ixWfdK1y93MR_E0Kp25-npDVN8uv2fLeGOATaSCRpxILMYeOzNmfSjKe7T8SJPGIos0D3GMtCoMGBlWLde7xgo9B-hjPMJHxvVdA5_kXmCWPIW6SDfEEscA-BtGxS5R_BxLlTfA0CdFSyBZeGC6Vv8heH1dyksu4Rb-bQZ4zED2a6Fe2uIKZBkcTKxMqlEXFWb2zC37XwJZZtk-wRlRQI3bM5eJBjRpf_X1v83MbWXHIsgnF7m6gx4r9T5zEyntJcB-vyqyGN-Ru4nzn0mTyI4q9LOVdwbQgpThOpYaHCPVTa06u9z_0Cf_Q1_-tN4DjF__jP0TO7NxKtJOQbmii7a5tfIVemBLCDKCkTpzdxA5oemlMPCbEfnvfzi2IzPDJlXWghOLTvkZwErXJi1D0upsvqopFCaJxAFCsyuqF2gElkRlAZO1ZWQ5-axjxLh8Y6-uW5ON8ocGKnO8pq2B57oDhg8V7HzRsw5XztVEicKsaYKgOSkhtMYmXa-aVfyZZw-2hPbbVig9qP1x9eMUd41hqJmrxjn1a9HBQWgqkRC4ZqLJy19OcjrrSPG8LAOsejD__aZfpxE8Yd3yFx4Ot242zKJLFsU6WPk5VOMatuQoHbq5n61Vb7uXmSGoEb_hF8l8PRYvhe1hZ-6gjRmv594ryuVRIjOmsicbryR5liU-XWLtpLoVNOK-1f3kWPstBdzmEgKr1K5VLKH-LS_uq0axayEeSTB31-crKzWWJmtkYvT63Zc8bny0ap0VbFEhlMD6yJvbqzeux1l6qyYVajHoJ1qH1U-IPgD2OiUMaEbd7b5p5vryp1XGv1BOixb_0A21mmAxFdH7sndntArBa30HLb3sjkvdlijxKfad2EuVYSShwLqGl-TCAHncDEWeP7VHE3YMfa2pu5FRR1XS_EL5E8EympPhvayYtWmo810oTbq2oYRyEwKXN5GvSYpRj2QE9a33VXLQFbKp7f3gdERUdVHR_GSTPll5u-2xR-iSdzFAyassu0vyQTduetDyWkT-m7N8Yzf-cmHPVqmZqen4cU-S18gcWSCYEewjwM3I3kxqhyySCgGwMQGeQRAgiM4vAm40aSBBTn6szFc_0_oo8Vh10_JW4mdTdD6yPzzEoeBBaOSp0E0FInpJUCLHYwqcIytZCKiUTzxNfTyPjg8mewxZau8lX-jjgo6LYIP57FkPA2ZdZrfyZnIgeoo5yTcSyRMvGnZOQxC34oBfhBeVZnfIe2x5agIZiSzO7FK3YvHPVwIFnmAlqLXgDBvJsRpOE7L6eSwW0t0PsOlMtLOe4bherikNRxQX8UzetKaoLzYtJ0LmPG631BJvldFPwKtNGHauf8YOOJFrmQBvm6Z-5l_DyvQVs8AU0G2uWGsRalxoW_khsQCa2tgk2XLKnUEUQzyn__10B3FrEN8JLphhkUY6UHhEIdlpY9xXGf74h3aU6WetXwhwS9MarJ96Q-bU5XxjDuA165nWOQgHPoRR-ilOpifEf0F6wT3f4plOnqKycrK-wH7Nvd9pb-5T3RzgAJnPOcf1F8V-nWIyTZxnABcQs&cid=CAASEuRowuh6lf0s0i-il8DwKxNeCw&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:29:32 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 7CBE 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:27:51 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 80ms
30ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=822b2297-e3ec-45d7-ae43-6f9014855eec

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 28ms
27ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=dynamo.kiev.ua&host=dynamo.kiev.ua&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 66ms
29ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=3165bf57-bd28-4874-a861-9403c76a3659

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 85ms
31ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=9&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=479266b9-1745-4789-b513-89984140ac17&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 83ms
30ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=9&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=66b34e43-881c-47da-8d09-3daa472a14a1&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0&hold=1

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 48ms
29ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=45b41efb-e90b-48c6-9279-355d175966f5

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 36A0 11 KB
3 KB 92ms
28ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=2729546773374393934&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 437bd91c1d1307d1d3d5c9c09d3ec1ea36685436b02890c53d85a006793b5be7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3380
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 36A0 49 B
330 B 95ms
32ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2729546773374393934&node_id=1626&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnM01UTXpNR1V0WXpFNVlTMHdOV1JpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3Mjk1NDY3NzMzNzQzOTM5MzQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGOHZYbGpjTzRNbXRLa045NGpwbmJPay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzI5NTQ2NzczMzc0MzkzOTM0L3pyaC8wLzMzNS83Ny85OTkvMzIyLzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjkzOTA2NzYvMTYyOTQwMzI3Ni80L3B1Yi0zMDY0NjQ3MzgzMDMxNjM4Lw/bUyFzL4a4TCssbxDR_G3NThjz_4&nodeid=1626&group=eu&auctionid=2729546773374393934&shardkey=2729546773374393934&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: MMBD/3.203.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x70, zrh-bidder-x137
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 36A0 43 B
360 B 113ms
45ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2729546773374393934&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnM01UTXpNR1V0WXpFNVlTMHdOV1JpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3Mjk1NDY3NzMzNzQzOTM5MzQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGOHZYbGpjTzRNbXRLa045NGpwbmJPay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzI5NTQ2NzczMzc0MzkzOTM0L3pyaC8wLzMzNS83Ny85OTkvMzIyLzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjkzOTA2NzYvMTYyOTQwMzI3Ni80L3B1Yi0zMDY0NjQ3MzgzMDMxNjM4Lw/bUyFzL4a4TCssbxDR_G3NThjz_4&nodeid=1626&group=eu&auctionid=2729546773374393934&shardkey=2729546773374393934&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:31:12 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 36A0 49 B
330 B 96ms
32ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2729546773374393934&st=4562306&time=1629390676&nodeid=1626
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnM01UTXpNR1V0WXpFNVlTMHdOV1JpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3Mjk1NDY3NzMzNzQzOTM5MzQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGOHZYbGpjTzRNbXRLa045NGpwbmJPay8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzI5NTQ2NzczMzc0MzkzOTM0L3pyaC8wLzMzNS83Ny85OTkvMzIyLzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjkzOTA2NzYvMTYyOTQwMzI3Ni80L3B1Yi0zMDY0NjQ3MzgzMDMxNjM4Lw/bUyFzL4a4TCssbxDR_G3NThjz_4&nodeid=1626&group=eu&auctionid=2729546773374393934&shardkey=2729546773374393934&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.156&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%26client%3Dca-pub-3064647383031638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: MMBD/3.203.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x65, zrh-bidder-x137
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 19 Aug 2021 16:31:15 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 28ms
28ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=5cb0175c-f2a1-4368-b48b-daa798038bd2

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 30ms
29ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=296b5670-49a2-42b8-bf85-3d039da56b6a

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:31:17 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EBD8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1

43 B
1014 B

49ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:31:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EBD8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1

43 B
1014 B

1049ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:31:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFsljY2M0QnS10mnNPcCfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EBD8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGfqW_B9I-JGQCR6kCKZjA&google_cver=1

43 B
1000 B

22ms
15ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMGfqW_B9I-JGQCR6kCKZjA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKTkFBCeqZUCGPnt5ZsBMAE&v=APEucNWhGv0r8pDhsxhbkDSD7xfFP-k5WCBPYhzNa-bCJGQf5Li2a6kxrp44RjprwW4iY4N7qltjeYF5rCxAKrfyMsXboFLSrpQKImLEi2iS7ZO8C_niz8Bo7cS9rdIAcrgEQ0j8RI4KHcdFEgyHGAh_l0uAzR_JxRgRAyqWujdmv842o9pAntQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3f4396be-31ec-4527-bd20-6c94486307f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMGfqW_B9I-JGQCR6kCKZjA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EBD8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI3MDI1ODk1OTcyNzU2NDk0MQ%3D%3D

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI3MDI1ODk1OTcyNzU2NDk0MQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
X-Proxy-Origin: 159.48.55.5; 159.48.55.5; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1eba9688-0d34-4d1b-90c5-0000b9dba3de
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI3MDI1ODk1OTcyNzU2NDk0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4DC9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8XDyVBEXlkPYftP6MyATo&google_cver=1&google_push=AYg5qPI4MGUho2e2anghixrHQpD7r5HNoUEjvZy2tXDybvSk30OoDJyWm6v3FC4kyCoQumDQ0g-as9luoxDysDI_xxyrqVJwrIo1
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQyNzgzNTcxMjUxMjE2MDgwNQ==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1

43 B
407 B

16ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEN57rPsBAbROLS69Jocqk14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 4DC9
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEOG-IKvt2c-4jaFWU7cuS9w&google_cver=1&google_push=AYg5qPI8u2scAn_UOMoIDOJsamSfFrKC8w0gnh27zOYhkLL563E8UkiT_T3BoFAUGAbGfVfILNZ_ksh0jCvSJRwwW6uxscU...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPI8u2scAn_UOMoIDOJsamSfFrKC8w0gnh27zOYhkLL563E8UkiT_T3BoFAUGAbGfVfILNZ_ksh0jCvSJRwwW6uxscUh9I0&google_hm=NDY4MDMyOTc0...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
812 B

694ms
21ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4DC9
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGLvVuQuec5HKfibJPecjPE&google_cver=1&google_push=AYg5qPLGbUNsqWYXpNw5s2Osy3CWzycCQNp2J1tPRM1BUSIv1FZS3wjhUyrFiwhU3u4M2Xlg8rG0Tsl...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEGLvVuQuec5HKfibJPecjPE&google_cver=1&google_push=AYg5qPLGbUNsqWYXpNw5s2Osy3CWzycCQNp2J1tPRM1BUSIv1FZS3wjhUyrFiwhU3u4M2...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=v61guwhkTFGCH4WCTYq34mEeh1U

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=v61guwhkTFGCH4WCTYq34mEeh1U

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:16 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=v61guwhkTFGCH4WCTYq34mEeh1U
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 genericusersync.ashx
sync.tidaltv.com/ Frame 4DC9 42 B
217 B 96ms
31ms Image
image/gif 2a05:d018:24:b001:6cd5:9d52:6dd6:6c58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESELpeFBhqRbpWFQAAEgVb45k&google_cver=1&google_push=AYg5qPLgWqWadG7CMpOfTmt4j2exsY26VsSREWxDK0IStPeCy0NhU-3DZbRg4tn0ACM8IWBKJtVj5kZEBHE-_bPZ2CFzyirVZYxl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:24:b001:6cd5:9d52:6dd6:6c58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
server: Apache-Coyote/1.1
content-type: image/gif
x-xss-protection: 1; mode=block
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4DC9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB-zQWPnzyUnZHlQncvh1OE&google_cver=1&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY2K0uMYMQHds

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY2K0uMYMQHds

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oIXZPnwkRHadtKxZAQLTcA2&google_push=AYg5qPIdndgSRI9iccm84tc25tXbKzfi9BzJX7hW4It232X7-aqlloetWR2CVHQiqPe_AU0kjPfvbGqPS7dIXwGY2K0uMYMQHds
x-host: tde-deliveryengine-production-75454cbd8f-vzs5f
alt-svc: clear
content-length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4DC9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4DC9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMXb-9PTW8G_3j-_zvJejiY&google_cver=1&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhVg2BiZTozzAsXJ5ZM7...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySXRPXzFGRTJ1RkR2dVFESUFURHk5d3hiWDJHU2VmTH5B&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhV...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySXRPXzFGRTJ1RkR2dVFESUFURHk5d3hiWDJHU2VmTH5B&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhVg2BiZTozzAsXJ5ZM7Wxt7xOBflbd6PKBRsbGS_3LquQIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:31:16 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySXRPXzFGRTJ1RkR2dVFESUFURHk5d3hiWDJHU2VmTH5B&google_push=AYg5qPIgfWv1clMVpD5kPGOxNHDv7osqxINmCDxMMdkM2S97T76bOAUhVg2BiZTozzAsXJ5ZM7Wxt7xOBflbd6PKBRsbGS_3LquQIw
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4DC9 0
12 B 32ms
29ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHrtz2zvKLOEKk99G8U1ZmkRZM4hQeH_NnAXTjPynjmE9qM1eT9BqfyySVaUEp9GwZrlcb7A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614955&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675965&bpp=4&bdt=76&idt=457&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=965597475&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=185&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=31060047%2C20211866%2C31060032%2C31062178%2C31062297&oid=3&pvsid=1367353397694724&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.wjem1rj4flq6&fsb=1&dtd=478

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1E5B 3 KB
4 KB 40ms
25ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 19 Aug 2021 16:31:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6148294
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wy2JK3RIPnfpzLrHWoMRbucZIvwGXRQXf%2FUEScAo0I7sVO4uWQvGjYByao8Snz7U2iBbSIu6vD4sBgLCdf5P0waQtYOnvGRKt7P78XpK2iwwfRkE4DSIdbpF532s7IBBQkkN0%2B2IlT4hiJ4wdnbn7bMVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6814c5730ff5c2f4-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7CBE 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 11:32:33 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0809 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48131
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7CBE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b3bef701450b796e803e31f4f6ddabc221141e957c9a09fd0e1afc2e28fccdf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame E99B 2 KB
2 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D

Response headers

date: Thu, 19 Aug 2021 16:31:16 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Thu, 19 Aug 2021 17:31:16 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2230518
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBCLeNfj7KUSQu%2FRDVt0AXl78MRBQUbCcR%2FdIlf1I6Vn02kKr3HZcHkwxPmLoeY6DgIFhTGjICIiQwKbXUOeGmzpFVKNrky0ZLFohDlSyhoCe97p%2BJ7oZKgU5vOR2QfJnrRU8pg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6814c5732816dfa9-FRA
content-encoding: br

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/ Frame 56C2 125 KB
35 KB 31ms
14ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54bd5aece13dd6fc2b0c6aa62ed074d99d28f93f7564dd031545a1d93e6f49fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35510
date: Thu, 19 Aug 2021 16:31:17 GMT
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
last-modified: Mon, 30 Nov 2020 15:29:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7CBE 0
592 B 124ms
63ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuE0Xydl8pqfonZSS85cSeDDViQKjG__d6QcHvXxALA5LXnwp_t6uYaHodNWNaJ4AhtSv-VCmE5s6xjjNBTetl9pZirfdb1RpDyQrk-2lW7k7U8WRABuYljAwy-GYfLOcp_O4jQuoJY50q0m-XLX2kSlEmlrPzYahIVEjTAraPTeHXUKZQoDbe5sz4M1o1gzJwTT9F9B9R1yENYaxnwuNC2Pe10UYnGijzxXvU-UY6OaB9TH4XOhT9uA1xJu8X4VtoshzmuXdHnVTn678XizjeD0-tel3maTlgA2QQcxEfzSsimddq-XwuZD2tBaCXWj4dt9Z78ibfhv-6lohPS4XpE3DeMvNlGJG36G8ri7q-QIoUEHgkZEVyPxl2n2BF4Jt70eeMIZXDZAQwZOgjwmJuwzYEvTRYibXIcEcWFPBoPXOvz0o-5kS2lp7zWvJkMTIRK5gPVKF6_qpTtMRWO5OB6tDZlC9Oj57tShcsMoc9yvUpA3TaOKpFHpVAF152gNQsmDfyhDovU-V9e_b55t8rJgv4SpL-oMko8g4ZXCh6t5zNSOKUf-61LsgCE216YFEmRs8UUBFNpmK87wGFJ460i9uhcPUmU8CQ5cqJxfSF0rx308O28yoOa1hfTkiQGlS8YWPov50JPBEzdj8Nri-rE0640XMiajnMaZxxe7kESmWyv-jMpz12XxbWrwQecDjl35EIbIbOWn5uUzrQgltf4Dkb_diH08kRuQTeR9R0uYmrgp3aD2sETqE-87HbOBXvxrJhkC0h5gIFbSLwcsxQnxU2hPtgoDbFLtn-rfZExKzzft6SOIV7NOfs7lpJPzFyeeALFObecGWGOxnp8mLNtTI-9lFNy6q8Zrbil1MoThFnlnJ-PSolt82ldtqm8Hfnh1HX5S7ieN4zIFUBoZe9IOvxPu50Fa7LY7Qcdd6IZd8BZw1tciZEkVbDMWzOxQJma8kBEgkvBJ2jDWEuB_J1ziwqQSMVyc-hfSqsxM2Z9oktisbd-vDQiylgPwNKQ53yw4sAgg66Qx4SEootleg4Ttia6CwT9DWEvDnbeQT5di6RDNHVS8_3eDB4A5msHNyD0i_LY6oufkApAA21WLNivxGBQN3Ci7UuC8EDT7p266sVCOnEJSIn-Q_txlAOaLk0ypdcF5d2Po59zo2XXSw9rTN6X7_jWcS_5752dTCwEf22E6Mvdd6ZN&sai=AMfl-YTu4vlqJoc1OqSRdKbn7Ixn7dQwaC3pLPUreecrHUuIPQaHvRqO7dm751utqgaztPQPiRAhv4OkA5fD5CI-6-zhPQVBPzaNu9mYIYi7Nd4MeHCT64w0_X1gLWu-_qY3pXIKlJFe0JjKSLFUiOmekbklMit6sw&sig=Cg0ArKJSzHAVzLndoqkAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=87&cisv=r20210812.46899&adurl=

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 19 Aug 2021 16:31:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1DA3 11 KB
8 KB 35ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b27e7baa05ec47804575804ad818668ab791dc4bb3e130b2339a3574477b7475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8600
x-xss-protection: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B92 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 11:32:34 GMT
expires: Fri, 19 Aug 2022 11:32:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3353 11 KB
8 KB 22ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1aceed4cf4123952a2a570991180739fa6f3e6d01eebb8c0624a1d05b1c3cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8361
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame 36A0
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
934 B

647ms
85ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4144222282843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 50e881d1075d4c6bf072285c7edbc906643425108720dfd7a22a66713e78a9d7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 30893500123268100951389011691002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 328
Expires: Thu, 19 Aug 2021 17:31:18 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4144222282843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 Aug 2021 17:31:17 +0200

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0809 35 B
463 B 11ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG_QA_H1NWtcTjG8BHVPpaw&google_cver=1&google_push=AYg5qPJ0zfUyZJhyLoc0Q6uC5Tl6D3a9NDFfLdEPA2Qi8XGzV_jCyRDL6argHrpEHTFsfPhnagz0ATZ532XNPZLGR_S2TNTgaJDp

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0809
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLjCZrRuBzS...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLjCZrRuBzS8Oir

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:30:37 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPI2fVaSUYFhQjodQAPZMvuq1vV9_H0fGQeG7Wdv_Y7k6QOGrRzCh6RmayKZvn_Y5o5ffD3Hg2xbctuHxaLjCZrRuBzS8Oir
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 Aug 2021 16:30:36 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0809 0
12 B 29ms
28ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLlG2UkGDOMbC_Aeq98kq6XSxly3MrkSNolJk

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DA3 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:17 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3353 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:17 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4399 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93a337e45ca5023a0a579c53c1551331d50ca1a8240f223615d8047ef2c296a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8503
x-xss-protection: 0

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 56C2 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 15:32:06 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 3BC0 1 KB
2 KB 45ms
45ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcab5e4caecc02b44fb476c9c7c4a743e105401532994c64bf9c198fbd7b0ca4

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jm4cwjc08qcp08qasaa4nmnxshqxjh56mgzb0ngc0748gcye3fnqqqh4ntbxv6rv29set1mwhg2fgg3w83x1a509fpch549wr6vz581hpgpe4b8rnqcv9g7rq6x9bbs84nj0nsgfqzsecwwqjc93kj2stp80v8vd2543qy1kr73wtd28v1xkqtfd9macj3hkhhtt81pvxzq2b0de37z7rqfrpq0q6z3j2eazjqjd9asndz5bfwcfkwkmmryxy4tzd7kg108vywmr03a21j3d221ydj3w237xcyg0fw3vqcwzb4f6kbh584epf05s0ab4jya8bez0h2n20cr4aexrfhcap8vpck5knsp8n97hjaxc1ka00na252sz10kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6814c573b8fbdfa9-FRA
date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5GESy2H%2BKpPq4aBfcuZRhAG0PkZTnwrIzmguw0jTyFOzWwrGubeQyJa58QP2EV2Kap5iE19wfFdKoBtOqeNPLGbQz7SnCFIxt4Qo4VVk6lE10XSpUyufnJnL6GpsDRFsoPTHOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

POST
H3-29 200 rs Show response
ad4m.at/ Frame 66A9 1 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3673c6962fb0c9462cca8763b5c5c5d1fc6d52a8618c728bf92f2b16e32829

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h2dcg2z148bzv5watjfx6hwgzbpxhrjad01kmastqg7e3vz55n2g2pm5fn3kecjtj18pvkj20pe3420hyz85f68rtnspdwes2nfw7t722kvtnt3pn8tpga4pmrx6spwp466zazpsgje7a2526cy5qk3cjdgs2k067pzsv2gsyn5bdxrxcxw95e2ej68rp8mfcpyvgd1cw1zdgvtgdkwd63v7xk8ffgbeewnwv1nkbq9yvv60nse8me6vn6xpaxbpsacswrw3wr22nqpkjj2crn0w361c17dghzt6r9kxbbh3c5pndvv4qa7ast2nsfgzvk0ae2w1jr0wf2mx9934r9jdgsr7rxatt1srsk463axrhrd0zb0gxngvjbsp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6814c573c90edfa9-FRA
date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czGRj9Bjavq6BdDZUTdvT%2Fwa1Dzw%2Fh5ql2W78SspLvWJvGLJjG6D44H2LjXdxvQJl1vH9LwWYNlSDHQSYHLPRcSW4HZkTchAyO31cDDAOYNJTzWEx28HU4JsiStEmmrhlwTdFn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B92 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7722 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 15:32:05 GMT
expires: Fri, 19 Aug 2022 15:32:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F07 783 B
537 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa2118bde0fe61115984d501eeb8142e35c81246745db9eb829e5c3481c37e66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xygkayQeP5c5tOi33CPULA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

expires: Thu, 19 Aug 2021 16:31:17 GMT
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xygkayQeP5c5tOi33CPULA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4399 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:17 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1E5B 1 KB
2 KB 53ms
52ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475218316d91f773a8adf0b01851fbec12427d3d7d39c1474fdc86122bd168fa

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jxtks4bvc15yx3d4k63qh913dndadd6bwbcgt4xwft8sw6fkgb3465yryhnb0vpgtc9k419y8q3n9tz4krjnd3yes39a5brp6rd83hh666fhbxhry539jhsqpj7gw3596k2y5602xfmvjcrj6y38nx6dw1vs3tz8szcf4bfezpcq0t3hh15t243cw8et3pm8e56vq2kg455hxb26dbnf5qyqjfw9nrnhn5cz3enaddbsre8yefkb56g4pt5n262a42mj6y9zxkj5c7arnm4mvzy6gxpfwvaay8m24rz4tq2fvjcjqwet8nr1r8724x7zmegw5kvgp9e2h6jgnqywah9n0dexnt9rbzswpc6q0wrp2p4yghz7ettrqtnc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%26client%3Dca-pub-3064647383031638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6814c573e93fdfa9-FRA
date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP68rglhrnXaoRDFnBEaqLg02edBwaAkstkkVu3p%2FX4I6o%2BvTb1%2FWyvW3OcIP7Ij5DhQb%2Fh%2FflP95o6UEXcefaefJwzdbTpIkbiMEi7CWPBRIW9HT29FIwdnv%2Bcd6bxIrs504c8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 TUITypeLtBd.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/ Frame 56C2 64 KB
35 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/TUITypeLtBd.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6174ef17180718a4e0c3f3c60e6b8eb205faf1494bbe7ab29756d9d8c5df599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 09:31:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36053
x-xss-protection: 0
last-modified: Mon, 30 Nov 2020 15:29:32 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 09:31:25 GMT

GET
H3-29 200 container.html Show response
12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7ED5 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:31:16 GMT
expires: Fri, 19 Aug 2022 16:31:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame BF0A 9 KB
4 KB 22ms
21ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25d1000bb9416fcfa4523a1ff9c5b9bf2e80e6ff321a90bec894edf2d0ca32c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c574497e2bc6-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 5109 9 KB
3 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dce55b2f3630098b6a0b2046d6b9f65aa23510608448be466509f4994f6a00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c57459b62bc6-FRA
content-encoding: br

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FEAE 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 15:32:05 GMT
expires: Fri, 19 Aug 2022 15:32:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6B1A 783 B
538 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dd4130fa2b5d85cd7ad946b6c3870d58a04279f2b14b2249ac16d0eaa4a641a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lLs6f69bYQr6kiFYaLUSVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

expires: Thu, 19 Aug 2021 16:31:17 GMT
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lLs6f69bYQr6kiFYaLUSVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 9C85 9 KB
4 KB 21ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e566775700e2c37624877d5f3c4d8baaa70627bfcff30c8f7bb3fe754c36ba84

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6814c5747a3adfa9-FRA
content-encoding: br

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7CBE 0
23 B 89ms
59ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 56C2 6 KB
4 KB 36ms
35ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678d06c85f613b29bab7bab461daf8ae545cc9b5e6e0849b6ef071b031494ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4447
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9553 12 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 15:32:05 GMT
expires: Fri, 19 Aug 2022 15:32:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 439A 783 B
538 B 21ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c93d9c732c3e656f970936cb309f688721599a1e5d750279fadf3ca0fb292c81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JQy4XJuFTqczJbVELxMmsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

expires: Thu, 19 Aug 2021 16:31:17 GMT
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JQy4XJuFTqczJbVELxMmsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8300 640 B
316 B 19ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmaibKt5NubTydsa8BBGTAy03IxKmTLj6Dlu750hI4FCwo4Qww8XkoXEpw2P1A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 19 Aug 2021 16:31:17 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7ED5 25 KB
13 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD0KStEuj5bs9o_G_f2oJ_NC-JLFo8e31foWYiw_Q7ZuF2EQFCqQxjCE28G4Hf1MH4Rag-3BY5Cc9-8LueWs5E9GbtzcYmdl2dxCJ7dyG-L1cqSjvlK7pdHE7shPV8XzBjytaHyS52l5-yX4qS9vAj6b2J9A&cry=1&dbm_d=AKAmf-AnsmlP-vQVoTCa6aUSR_dop5ijzvnqMsRaevwErFZs_QgnqyMTDCo080xW3RnX83_qSXVbhNVYU3AGmIbKO13fe6aTRzeVgNPWeLiVyOyntj1-BQJJquFYjRg4VLCToDFQ-Apfvcke2Vn37LtbN3hwkTA7IhOWQy51sZBwW69SYT76BDdMyloquNMSvg1UMc_x0ETGStijG89QIaiIoxl2bYXZTmj-Vbo7-hqiLZaB_20aQFA_V-EgP5ExWJrRFbAnr7ql8wKNVLrHJh8tQspCLXUaQ14SbHwtWhfG_KJFA2CzO9onZtU29XVP-q3W68_vTn_fBMZqKrLdn6O4H8SJrJH8vljjHR2MgwXjmwfVw3vCj81SZs7WjBW8EWIzV476pHUTA4vlytdbjrWZ34oYcLAURmELU3y1O0D5hV02N1RUxPsKxTJrfqKExWEphVPDhFXDquvinbXeIBe0W3JuBTYw_xzhoLLicOjUBUG1Fpn42JkwMWdYGvRyMBPNfrZbT_7FqeD7YamB-BYRvfDIqBclFi5dQM2ZdS_8q5eiH6uUB6qiyYNC9_MRwpsvhgqzXnor-vb9X8zYN1dAbLTXFbTMLuBN4XsR4-ymTcCK2Zxd2O8EZdTPtF-oTuWBwns1Q2FFpj6ds-p7w1PCK--ajYLWY1XHzwDThz61WWJcgrwTbOxCeLIdc4Lmu9StdXx-xbRU8GXLPKIoAUpwLw1IYVqzyTFuDaxoA8AzGOV2spDWYqrgXUgW3E8IsgH5FkOic85VTTmPUoS9Wk3uVe8rIf9QDBjIAJ_BdCEJq49EOyaSf27n_F20fGHVZJo3a2WeRGf6lQ_8DTKftqQBxpc2_V5xtTnrpOhCLOharaAmlPv4VJQWZGAXXQZpDX5n2Uu9QpJv0FNmltPbNyJ5PC7-7OdAGm9YizDUkwkgjQvMybuTSE99czF4t91LSq6hDM7Yxc2SWrqH0oNUdThI8HAzJrijmPdwESRRCQqZl7m9Td7yAJmQAyNWaHVRQWXBZ9J89sIHlMAWxRBdbGgblAPCAS6zJLh9xL6H8GvWOdFBoJ6tYZ_rhrOhrRFc2O3-BcdsqN2n3rxFpHlJxEpgH3NsLEbBeuSu1_4f6-cUsWO_0oGS4KotahziGoi1UUha89TQkdXWU4ns0JQheJjYL2xaYfnk1xIzqoRd0Woo7_9rMcRETPr0o5QHNVSbgeHY_LsY9eIJ_FEpybhSqaqkHsQQyb9mE60XKj9yE6pKuPGtjRWpkV5Z_5D31NivY4I8Z-SkQoK8qyFZ13OZUs1Jy8eeiNJhQb82Oz69UCBl4_EylLYIRm8N-RNTai15J-ITQjzvSB1LaiG8AbUWTXCFiXG9xddZ5H2y7oQtsorG8kRmYBAd5WMdjjHwxD2X1pRY6Hxzj-HzcMTttSsqvZVsZURrrlDX3SEB_PQZU4cj90S61TtohyJRcBbYcRmpuxw4_xBPCbBrgaojcy2j0sgX1nzkON6q5Er8DrDu-QGsYL6fL-UsgUR_wSCj30xIN0rtm6A5eTqAaLc_BydOcJspbb98DnhZMJG_DnoruwRMDtu1pt4yb7FBF3SDwG6A9HzhzImuKGUlvfyexFsPFtDCQKPHskRPFcQfeIG9a7_PPJTAa6N9B0BOZlqW1QIxk1L95y2lbaTFKN3FO19YEIPNUCt5AkXbEVIIJrSb0Cl5RRSvzGvOZXVhRQFBIqS_wbWz_kZDNuxhEm-zi5iq-NNPsEdVotSBiv0ZUm7uFuPRRCFszls4kGBNv0xKS4KPWWawIG2F3uBPwIu1riw2joz0Oz7dkyrpumEM4Nd3i1coiNMyoXMwYY5c3UTnV-Dl0USkhCiAWGkFDjqQVh0BjVmd2XodUbtPil3ozNZe_Cdf3Dm6eCq83hq3JaPwqcSOpDmeonam3M8nxmGkMXsgU43yRR6QMz9mY8GUf4Zo-so4YztC9xffZngDRJzm663ALnft5Zdj8sJMm8-p76Txhrn3HfUuii6uSNOAfNkVkqr_XRKZSsZh-q-CqGfI3wvHxh46lt_uva_D-4G2Rp8tumnWxs8ZXrnZ7X9a1GQCCteMYaO4EBGUIN3QgTqCjHVgREIvk0-BGFL_e9hDxH6l3YvqdWIsh8mr1xE14F-47t3cd5sPcabl_uqvHn3gPGjJBxSJtU3KrPH2VJ4_OdvhtWgh4A5kp9Ax4rF95txyWMbFvJTd9PbyLu25XDdK8XSGwSFaO61NH__ct82kT3rdTQ56LAwHT18-D3PPQ3PfrvtbhMXjd2o6yMdncQKGQNKTijCrerB9JIgcFjZw74kfehH1ClqdQIKpg6a7mL8YoIPkAvkWP5DagsVPo52h_HsDv5uQCKENfSZS8ir245DXo1XtjRWMhe9fN4u2mrAUCK5nh8661Bk686nes-4_NiiPIBo2WMOPZMDJVqr7XGSf5o-S7cBc5m8OR8DOsFyLW-YTGf5IYRkMEmEoCdi4n3P6sgrKUgtyJFMvm77gcHchPw3jiqKCJ2CHQOXW6HX0hsw9SMgTxGRm-6MM_wV1uIWvJEeA4CRAcck-6PwPDm6WYesdJnlEnacqxaOoUXBi4S7oG4ms3nhHxLM1Yf0fkaQpJisJ7W7rRZbedc7EQ7IPQi8IesKwTaD7ogSXM3YTpkvjNUbymdBadv_0J8PwZrB4Ub9dKhqYTMtEN4Jml0-QiIKCoHAnGPzN9sgsHgTTXax0dxeY2uMrcO2umtnm50lfvqCw1hILKvKSoLDP-RrJj2TCLxDU8273CVrD2p7Dp-D8gl0V0tfc_CMD7d1lg2cQQz6t8QbQ_zlnTnKdmpuBuGBCBtE_Oc7cJwsN9IsXySbG-wggVphC_e-LciWGvDGaM0-smcpxR3070Fj75tsVCQvT5PaeQTBFxu-Yt2mUJM51NgFmZSQaSqRS6n9ZFnmx0wf3LGwr7_6QzhPGFGcJB-ldWeOahyG85Be-5SPB9us5LCbJ7t0RiLOZUHjVCYwRbxGUk4Jvla4ORKTQv7f6_Dz5RgXPDtWbgzbUVZjIpwGz-e9GZOODx4g50snnFCLUA3L6-Xz_At_2dgREQ_tEjM86_Wx2MJXqb6q6vlueI7x-4ss7z55snv4eC5iaKREpEGPQuq8DgdphCzu3XT-2_i9FEKWcE-YlmLRXphk6aXqeJXOoXAVHml-EAf7A3n1eDY9SjvaIG-oE584d-6-KoCqPADEqFRnBI9m5-GFo6DcKnnrKmNaeFM9UiAIJao08x2-zv098eY4uG_dPvQkN8zoRLdG4VRIS5Yi2qnOdfm6k7O8QP1a3xrbQTt3QsmUGzIRcwjZQrJUcB-8JONbQn_ltwdbU7Gx2MmLJ46cGTYlvCTKqIOj6t7IoZxZ2u__CzDpZWFNhbKENKlafSfim14IcL9IBt-T68IamDbd1NEXwvXsXTKwH9re8KhvqWuPmv7radsIE6nOsoMtSgRJ3RlRQBqT2_mfjUCeVWdv8Uc5wgyBhTbb6a9heLHnJDKvDnhvSfVIGudFt&cid=CAASEuRop3_b6lZE6aaI1n2hlrg-Vg&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9f1657e92caab56934ef106d6b7a0fda66486a3467cda1c8c03a3d8722c45dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ED5 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpwYkgeHKW5Tn7cUeOIyJjMMGaeWCwXzzbKG3OLRwb61fv4XKqts4_bEnmfKISgTJBs7EUcCWyVk7emZUkG7C5TjIMPrB2icyvLtVYy57Y-WLZ20M

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7ED5 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:28:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ED5 124 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7ED5 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:22:36 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7ED5 0
0 14ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXnl1T5abbsp4fsBLHdpipr8VOagHMELG5lBVPdJwMt6ycUO9atSsGjxPUDYSW1IS4EO-OcMCmgGcyaeFDfiwsLVoRmQ
Requested by: Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7722 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B92 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B361yVIceYbuwMLiM7_UPjsaOiAgAAAAAOAHgBAI&bg=!m5ilmNzNAAZvV8FTb1c7ACkAdvg8WubgQbXCrLcxYZVkN74z5-inYJz2lPff7NwkWK1m3luCdSMwhgIAAACaUgAAAAloAQeZArgZ_mB3eW1P91n3XACwVCDFkb90z0H-ZOc02q1TQhlHKDsNxRCnSUAXlsakgXp8lBcUg72WppQ-0yHhO9_7q9vr7Vu8ccZchUU3ClTK0gD6LeopX0KSdFpr8hWG32aiWulAosbLjm2xl-DCrsThX5AYgGW1VQnDrwHIZwViLR7wtzs5aDlFNf0zOcRXRxtw7eZMevSQ6Nlb86Wc5iGPUZqakmOHxw9ea_TH_TDavjt5GY3tk_6N8Z1VNE942HRD4yq8VJd0u-5Jw5dt0Yv2xd1oy6GGkEXxNXPNOWM-iyyIxEJxyliFsvlxW7oCbLExSlp2dXMq8xFfMIHUMecAMoCcmgr8HqX6oSjFxM2OcoGHTTdWmUlD5vZ-CxR2B3DN3KSZoYB0VyY-fanXxp-gBMNKitRjaE2DZ_Lp1VuuZYU-KAEwZbspPffQ1RheyJR7xsCfLHneEnZtxGUjkfEbm1u0y1RozxC1HV-hFNd4d5yfV1IE5BBmTLbacN-uhH5X5nGPQSHy1kLoqJFbBCPuPgxLXFSztGJYeZXWz1aEvaCj8OjCM4P9-GHFuLFLTr5AmQH7eiXsUJ6RopBJ_0PQFo6VjzDuqvCR2H8-i6hMLMdcAXGvWn3isymIjLMHDhrqKGV0knaTlbGC-ZquOsd0vyK1h_mfaGmSgfXIN14JgYeecURcknxQS4k8CBqIfzmQlSdG1OSE9XXcRjvWVCXN05oGTZf0rdW89RCFaHaTPpbmek6VFvisUbqC3Y5edBUC0cjJUU6zSasUye4J6binQipkOLgaSa_hgcMFX5yKyqPDvIoI2mwLZgpX-bCR7mlB1fNEIbswtrsmspujek0CjuzzvM-nijiFx4QTSm3naSIeqm28_F1zMxrDzzGmo-IRpUgNoGqJrywHJ7IRpuUkjjRZW9Rpts-g_tE

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame BF0A 64 KB
8 KB 23ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 88839
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6814c5767d23dfa9-FRA
expires: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame BF0A 18 KB
19 KB 27ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71020
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu3ZfKkJsoICWMZ3oWVwN0wJV-MOmSkGpS-sg-bzgC0H2JyYoOG2H6RRGBDugvtK0swUDmCRZw5CnnhDtp6VfSq50LT7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkhuMLiSYpBJjlQtrgBgwAbZsr03NMhv%2Fsvc0jqREQOLCvEeZJ4h%2BTQ%2Flry1h0wDlAyGW9mLNW5eSx1jz4urQUPvAn4N0VBqOLsWOMyTqtOcL9esuvUltQkHVXLQBYHXDyhUAG76o2Adf2Lf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6814c5767e382bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame BF0A 2 KB
2 KB 22ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74480
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtzW_cNBwJwx0PzFPvyPGdOpkWfR5x3pALA_j6DOJ0GFi_CLdzTtInGIndFuzwze4QywgPbgOJAUYMCKuceAVgyaxmXyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EBQ4hq4Yf%2B6wV16YyZkdtouUx3MjlmeJd0Z0mOnzxDNvWGa9pdKOI8CDfM%2F9qR5jwtUkQaf0QhDBEwA1OS%2FwXvoCL%2BcNhwU%2BOSK9gPJ8PuPW%2B9zD0WNNmOXDu6G4Yr54LQeZvfP0CrQ9se3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6814c5767e3d2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BF0A 43 B
704 B 101ms
51ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame BF0A 38 KB
39 KB 27ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74032
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdutskbNwQUtE4yJR_IfkxwIZQCKxWAx5FuAxSG_6lIUWFWM0OebZ0dDVYDizjhDfwGiCWerGud1zIhymA2bEUU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ1EgAttGf6pFZcTo9Airh9DDrFhWI3CpLqrRv%2BGaZezlNlhG%2FvoLcYDUa4F%2BNL%2BEzFg4mYn6WdOgjJibF8fGURcvZoQUJlbLG8%2B5xQO2HW%2F7%2BT8nK4itClAf2FWoXbvayiU%2FyTUJvpilxZT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6814c5767e432bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame BF0A 113 KB
113 KB 23ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68367
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtGGY-TfdEBONaJWMJpwiQgyfp9ni87daPKpZZspWZ_tABGTaEHVPnClI4SlgW2BDYb9FqxdwZeTAj-6Gqcxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jgfDzRp9dRY4BdemoUP1pR0KhnOhOZKhZ%2FIK1R1Soqrbw2HG1alaZhWBe%2Ban8O3Lcw7hnhzJGy7aZPLDVOhkyMbtoyRlmWTUnNek63wUBOgu%2FYpjTVBYmWznXWQ%2FoXn1GY%2B85J9%2F0R%2BoGCf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6814c5767e442bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BF0A 43 B
704 B 124ms
71ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame BF0A 8 KB
9 KB 19ms
14ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441084
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nVVHiqL9rjYSIzQTkYJz0oLG5c%2FjUfzZtCxkWtMi8SrPw%2BF%2BnXhpTjb1SK7jRkMgHcaX9hv5u0bE2f4K5A2G%2BrEyhwPq%2BagZ0vWOdKsf6AOqaRQHXiRiUgYEJ8PxX4LYtIuEH3UHouYauz4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6814c5767e452bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame BF0A 30 KB
30 KB 28ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66741
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdu84e19rJ2tl2eC1hfG5rsm40RuUxpaeghBs-G4kL4DOxX27xauV4zf9fkugcQCP77OannApWMqktWvDQHY4oj4XLMrzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBLLOyNZTH9WlJR3PmeqPvIu3Tf903xritBUaoMPgHwsLwbDnw0%2BJxhylzc%2BxEJVRqn8xtE46nnZemMObFUPbnpeNNdHgRsbIUiUbusjqHqCWMlrRBGF9qfg74zvtL2c%2F2VrLRcrmdmBk0tW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6814c5767e482bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame BF0A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COa1pqTBvfICFf_auwgdBlQIOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidabf66IPX6Zc_N8xou5a4emJyaZ2kmUYCasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fa17f0-010a-11ec-a5ea-692d04ef6a29

0
518 B

130ms
55ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fa17f0-010a-11ec-a5ea-692d04ef6a29
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=abf66IPX6Zc_N8xou5a4emJyaZ2kmUYC&g=f8d83e3b5cc9c786257ab2928c08da1a%2F1814419954961875689&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677108&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20411jtyvvhfb0dabpj8cx4m38rmt91ddkx2a7qvsh9vmpebyw33psezv1fsjy4fwf5y6wqgvq1pp2gccb35pva4v8kszrjt3tr4801jex9ynwrfps8gy0q4gs0e7wtw7kg630j8k4jnvw9pp68jq2q68637766rkapj5n76fnzwqk6s4d1tssdcjv4g99v5bb09q2r1vk0mjqrzd025z3d93asqgz6am6brya3jcecw18dsgv662f92g6maqdg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNxCFVIceYdSoGojE7_UP2f2ucJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QPR8t_X9-v7Jgt2LKhPXSuTUzZxj0jMbJ3OICJhxpODYdXB_xb4ArOV83ToAfKb6B8_bk4o87klSPpmmLkusKB5FD2O34Am2uSxQToXk2_-G5E8_29Y7APDZzxXFZgLgB7Yqsu_ALLAIQrvYtwidie594IHLHkfh7UVG-99IBdB_xK3LhPjfrEmd6KISkAGG5wZxrp9vLDTLqFc5OnFK9vUnMvFMW0zCABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0FJebSX5D0fuySvOfgvC88R1jN_Q%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fa17f0-010a-11ec-a5ea-692d04ef6a29
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 56C2 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:17 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 5109 64 KB
8 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 88839
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6814c5768d36dfa9-FRA
expires: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 5109 18 KB
19 KB 18ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71020
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu3ZfKkJsoICWMZ3oWVwN0wJV-MOmSkGpS-sg-bzgC0H2JyYoOG2H6RRGBDugvtK0swUDmCRZw5CnnhDtp6VfSq50LT7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIyJN2d3NF9RMfVvlEGj%2BX6Rvyus6Ea7GmD0GDNBv7dEpTpqHxFp%2F1fQHcGmeyn43lged%2BfMm7D7tTEiDe6KRSZZJHmXLyJI%2FObgxJNhr9oLcjDTVwToTuPVKodO5NNke2t5z9dbGtk0lStG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6814c5768e632bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 5109 2 KB
2 KB 19ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74480
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtzW_cNBwJwx0PzFPvyPGdOpkWfR5x3pALA_j6DOJ0GFi_CLdzTtInGIndFuzwze4QywgPbgOJAUYMCKuceAVgyaxmXyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEyl%2F0%2BIZit0PtW4GOl%2FH%2BfXLiavZrdXah5PaHmj4HpNI4EIQMw2A0Q5YCjQf0S32SSXqQhlZNlaxustUoiWByS4ScuQvLStu3TeWb22Q2pBD%2FmRHyh6caNcAiMpNlKWgLxBJbmpQkCzAyKj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6814c5768e6e2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5109 43 B
704 B 138ms
76ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 5109 38 KB
39 KB 25ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74032
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdutskbNwQUtE4yJR_IfkxwIZQCKxWAx5FuAxSG_6lIUWFWM0OebZ0dDVYDizjhDfwGiCWerGud1zIhymA2bEUU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHuyu3OZJPgYrW%2FRy%2BYVL04q5%2BGkvYbeCV%2BgSoXSAgBXF7%2BqHPqKQ1tFbGk7EoXk5vYSSTFQozeQFFr8skSnYBao7ddPv4nyJDS4dBizTnqIiA9C8OLXu%2Fze0JNIjU%2B2rnqpTTYVxw9NFv67"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6814c5768e712bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 5109 113 KB
113 KB 20ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68367
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtGGY-TfdEBONaJWMJpwiQgyfp9ni87daPKpZZspWZ_tABGTaEHVPnClI4SlgW2BDYb9FqxdwZeTAj-6Gqcxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgBF5CREwtJIMl9zKwOMgbcfpi89zgSylzbj9vyTn%2F%2BTrVzJzB7CwgiokIqbUEjBYh7xtmFrkA%2Fpm2s514CDZgPrgMyIgUQfWRDcQn545WKnfxRsI1ZVOAl6%2BnjylzcnYo%2BYXuqgn1Ef8hPZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6814c5768e722bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5109 43 B
704 B 151ms
59ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 5109 8 KB
9 KB 24ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441084
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyf90pxqxKjapEBLJZHoIGqCpKcMSmVatusDRwcM0CAIKfjOPvVitdNTamMAFD7Q87hCwCwCk9RHprEAEqDES%2BOj60fPc9yRZvpnA2TBepaswRiEkqbhu073fOlhBNSMDFiM6Nca76t%2BS9hU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6814c5768e732bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 5109 30 KB
30 KB 23ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66741
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdu84e19rJ2tl2eC1hfG5rsm40RuUxpaeghBs-G4kL4DOxX27xauV4zf9fkugcQCP77OannApWMqktWvDQHY4oj4XLMrzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbMuQspVg8yFMwhkOzesDJxUgtBLgQ9xTPaYX0%2BZVm6zPW6Z8Eu0FRcyCbItF4%2FqoBTJx36Y84GFzCs%2FGZ1aQopD%2BHTTG%2BzwK3uN%2F162IXPjwMz6rossnyUnoQYUmrDyf3b0CKjh1prEd6uV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6814c5768e742bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 5109
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNi6pqTBvfICFVAr4AodyFAKSA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid4d2PffB2YUGVqFmqiZwi6A9iJcLCmkheasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fc88f0-010a-11ec-9723-692d00a25ac2

0
517 B

185ms
29ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fc88f0-010a-11ec-9723-692d00a25ac2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=4d2PffB2YUGVqFmqiZwi6A9iJcLCmkhe&g=1cee919feb6b793cfa735cde4e52488e%2F17099875494763326692&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677109&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22jbp7ngcknnrw17wzwqebcemseqx7s1rjmnch1y9c86ss67jxq4akf6h56nn6x5pfvs0rgw34mb1twkhdgs397c4qck0m0rsw1hmmsad1m76w2p2we61rnmw92gb7c413pw2bygysw35w52mhzgv6dvta8s9qtwgdrm81wbgmefqz42y24b46n6ajdztx03pdawsxkrn38179m7g6z5f3dy30rebcp5b9c8c5n7qv61g5975fkrpz48enfhhz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCWBcVIceYd7FEISMlQfhvI6oCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzA2NDY0NzM4MzAzMTYzOKABwq7o3QPIAQmpAsvXxWu0obM-qAMBqgSpAU_QJPXU9Nq1_EuIiPNXW1vv7vDNrbmb1mqs0PxB-Ej3n7Y1AINmde1ZVl6zWV3-7uRNv04INvjeOPNhswWMTPAiZZ2BDOi9bHGLqzSTyDrDgsUyMUYcHg9fyVtHQnA7S3139Q7DVywNzV3B6elYs941cPfJ5mV9OKxPEBk5nh4R2KfMSKfUGs8wpR6SvrGj6BQTUXwcRDpgmNT8go6taYCUdforBiIB5AuABr_Lica30_nRW6AGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1d4BiXPylIVmE5ZtW9YUng1G9XJQ%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

Redirect headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fc88f0-010a-11ec-9723-692d00a25ac2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 9C85 64 KB
8 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 88839
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6814c5768d3fdfa9-FRA
expires: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 9C85 18 KB
19 KB 24ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71020
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu3ZfKkJsoICWMZ3oWVwN0wJV-MOmSkGpS-sg-bzgC0H2JyYoOG2H6RRGBDugvtK0swUDmCRZw5CnnhDtp6VfSq50LT7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQUh%2BStu5eiF5gcwxPaAbbKZ2X4%2BGhfEXiA0ikrf8XvHp4x6L%2F4RDUTsT7aHATFWJrxDOL%2BHYQQHAe7%2BQ%2BdU0S0%2Fw1%2B7qcGI3LEMXm0ho0oDRwkPvfCc24kSMUXj7yYgViNlFyhUSMmVmy5a"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6814c5768e762bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 9C85 2 KB
2 KB 17ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74480
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtzW_cNBwJwx0PzFPvyPGdOpkWfR5x3pALA_j6DOJ0GFi_CLdzTtInGIndFuzwze4QywgPbgOJAUYMCKuceAVgyaxmXyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKJaZXAfGpspQxCV4%2FOesy9yGiBibBpuwZsKi47qNUJR1wAdYZVTG2Vcb%2FPP0U44dNAy0NMcdDu%2FQzmsz6cApfaElrISyqvzm%2FZeLZDDfKNX3%2BUv7xqh93jznFDB6frI1LFA39KHQgIYc7tg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6814c5768e782bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C85 43 B
704 B 168ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 9C85 38 KB
39 KB 26ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74032
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdutskbNwQUtE4yJR_IfkxwIZQCKxWAx5FuAxSG_6lIUWFWM0OebZ0dDVYDizjhDfwGiCWerGud1zIhymA2bEUU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fC1G%2BUD4y0ECOjgv1jO%2BqqugZiBz72W1k2YLEFjyftnIHP0W891b%2B%2BbCyt2Mlpg7JK%2BF2SopVtN6bU%2BnRf%2F%2B8bhuNxOXhU2EStugoVOZW5DehJN43v432Th8wUuJnYshaNL7IVStlAyvdaCH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6814c5768e7a2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 9C85 113 KB
113 KB 17ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68367
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtGGY-TfdEBONaJWMJpwiQgyfp9ni87daPKpZZspWZ_tABGTaEHVPnClI4SlgW2BDYb9FqxdwZeTAj-6Gqcxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWSvIbdfxAVndF4rXKV4tLuvRnlq74UGFElutZj4wTL%2F78J885U%2BGTFvvR%2BxcJ%2BgZLcWccV6Xn2xmD6XbkmSUaiv1m1%2FDtPLuRXmuKVyIjNv6M54hlpzo9xe8HDpOIShEyG8xcL5g6niEM64"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6814c5768e7b2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C85 43 B
704 B 191ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 9C85 8 KB
8 KB 22ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441084
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NkUMFmVqTZj%2FMJAl2rAAaQXyCELsWBeAjJ79sqgvAT2W0H3vV1tQ4CHNtsxgALrlx6XhHRDhs9QYuR9HnP4UW94J3qbDlPCm8Kt3lGtc3%2BGp8y4QGesSB5fKmTMRBpt6GqjvtK0l3J6rYIw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6814c5768e7c2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 9C85 30 KB
30 KB 25ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Thu, 19 Aug 2021 16:31:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66741
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdu84e19rJ2tl2eC1hfG5rsm40RuUxpaeghBs-G4kL4DOxX27xauV4zf9fkugcQCP77OannApWMqktWvDQHY4oj4XLMrzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqmzrGB935ivldMhlxgyY5T7pNHxHyi2QcgI9mYISZaGw20BoR67zGLxpzoPEmrU8S3UprBmIYGyYUrwi4ONFH7yVEX3X7j%2FN9X2oEOlfr5hm3CMMEFLxiR%2BajaNXYi8wGH7eDZUSmTvnfHq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Fri, 20 Aug 2021 16:31:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6814c5768e7e2bc6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 9C85
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLe5pqTBvfICFWHHuwgdfHUJbA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fb9e90-010a-11ec-9723-692d00a25ac2

0
517 B

154ms
27ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fb9e90-010a-11ec-9723-692d00a25ac2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=&g=b574a13c8b192b5e09196b9d79cd5df0%2F16675038831495450052&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629390677120&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mcvk7ffgfkw1gd1wch5nr8c6j32d6nmprj7avhdat0f8ym4mjwzxa1v75asb0c564zx9ajzv9nz13nhd7qbertq1e0fxfejw3hb4zdtf5v6vxsg4vxp21r3wex6mbcb7yh4rh2f2yqrsypsta3nq52xh0rczmzed443c9gqk03rcctp6mrs3by2vjweb0aj951q98rh170y95y68k8hrh5rdz0mc0fach7x4s0xfvd1b0enhhws2xhp2dy03g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVFznVIceYYa9HKHi7_UP34-ZsA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzigAcKu6N0DyAEJqQKVf20fxJ6zPqgDAaoEowFP0GGifgY1a6KGU5qHMwhrTvwu-OT8595zXkxZh5Sl0hdXJyj4G6TBCuRZu3R1C76D1bDEAHg_GwFcTTspvQmqbBboGAb9CoY_f7C3TrKiixoTxB743ZIK_kB4K6Bzd8RcqOFksVIZDp5fWayNrW82v1HzwiVUSD4D0n_yHbBlXLUzfXAdTgQEmEShN1MohzwLpSiMs-6HT9BmaFf-A5bi3dnkgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_06ATol25PeSZx4mmwb4ZXbShIhxg%2526client%253Dca-pub-3064647383031638%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629390677_e0fb9e90-010a-11ec-9723-692d00a25ac2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 7ED5 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD0KStEuj5bs9o_G_f2oJ_NC-JLFo8e31foWYiw_Q7ZuF2EQFCqQxjCE28G4Hf1MH4Rag-3BY5Cc9-8LueWs5E9GbtzcYmdl2dxCJ7dyG-L1cqSjvlK7pdHE7shPV8XzBjytaHyS52l5-yX4qS9vAj6b2J9A&cry=1&dbm_d=AKAmf-AnsmlP-vQVoTCa6aUSR_dop5ijzvnqMsRaevwErFZs_QgnqyMTDCo080xW3RnX83_qSXVbhNVYU3AGmIbKO13fe6aTRzeVgNPWeLiVyOyntj1-BQJJquFYjRg4VLCToDFQ-Apfvcke2Vn37LtbN3hwkTA7IhOWQy51sZBwW69SYT76BDdMyloquNMSvg1UMc_x0ETGStijG89QIaiIoxl2bYXZTmj-Vbo7-hqiLZaB_20aQFA_V-EgP5ExWJrRFbAnr7ql8wKNVLrHJh8tQspCLXUaQ14SbHwtWhfG_KJFA2CzO9onZtU29XVP-q3W68_vTn_fBMZqKrLdn6O4H8SJrJH8vljjHR2MgwXjmwfVw3vCj81SZs7WjBW8EWIzV476pHUTA4vlytdbjrWZ34oYcLAURmELU3y1O0D5hV02N1RUxPsKxTJrfqKExWEphVPDhFXDquvinbXeIBe0W3JuBTYw_xzhoLLicOjUBUG1Fpn42JkwMWdYGvRyMBPNfrZbT_7FqeD7YamB-BYRvfDIqBclFi5dQM2ZdS_8q5eiH6uUB6qiyYNC9_MRwpsvhgqzXnor-vb9X8zYN1dAbLTXFbTMLuBN4XsR4-ymTcCK2Zxd2O8EZdTPtF-oTuWBwns1Q2FFpj6ds-p7w1PCK--ajYLWY1XHzwDThz61WWJcgrwTbOxCeLIdc4Lmu9StdXx-xbRU8GXLPKIoAUpwLw1IYVqzyTFuDaxoA8AzGOV2spDWYqrgXUgW3E8IsgH5FkOic85VTTmPUoS9Wk3uVe8rIf9QDBjIAJ_BdCEJq49EOyaSf27n_F20fGHVZJo3a2WeRGf6lQ_8DTKftqQBxpc2_V5xtTnrpOhCLOharaAmlPv4VJQWZGAXXQZpDX5n2Uu9QpJv0FNmltPbNyJ5PC7-7OdAGm9YizDUkwkgjQvMybuTSE99czF4t91LSq6hDM7Yxc2SWrqH0oNUdThI8HAzJrijmPdwESRRCQqZl7m9Td7yAJmQAyNWaHVRQWXBZ9J89sIHlMAWxRBdbGgblAPCAS6zJLh9xL6H8GvWOdFBoJ6tYZ_rhrOhrRFc2O3-BcdsqN2n3rxFpHlJxEpgH3NsLEbBeuSu1_4f6-cUsWO_0oGS4KotahziGoi1UUha89TQkdXWU4ns0JQheJjYL2xaYfnk1xIzqoRd0Woo7_9rMcRETPr0o5QHNVSbgeHY_LsY9eIJ_FEpybhSqaqkHsQQyb9mE60XKj9yE6pKuPGtjRWpkV5Z_5D31NivY4I8Z-SkQoK8qyFZ13OZUs1Jy8eeiNJhQb82Oz69UCBl4_EylLYIRm8N-RNTai15J-ITQjzvSB1LaiG8AbUWTXCFiXG9xddZ5H2y7oQtsorG8kRmYBAd5WMdjjHwxD2X1pRY6Hxzj-HzcMTttSsqvZVsZURrrlDX3SEB_PQZU4cj90S61TtohyJRcBbYcRmpuxw4_xBPCbBrgaojcy2j0sgX1nzkON6q5Er8DrDu-QGsYL6fL-UsgUR_wSCj30xIN0rtm6A5eTqAaLc_BydOcJspbb98DnhZMJG_DnoruwRMDtu1pt4yb7FBF3SDwG6A9HzhzImuKGUlvfyexFsPFtDCQKPHskRPFcQfeIG9a7_PPJTAa6N9B0BOZlqW1QIxk1L95y2lbaTFKN3FO19YEIPNUCt5AkXbEVIIJrSb0Cl5RRSvzGvOZXVhRQFBIqS_wbWz_kZDNuxhEm-zi5iq-NNPsEdVotSBiv0ZUm7uFuPRRCFszls4kGBNv0xKS4KPWWawIG2F3uBPwIu1riw2joz0Oz7dkyrpumEM4Nd3i1coiNMyoXMwYY5c3UTnV-Dl0USkhCiAWGkFDjqQVh0BjVmd2XodUbtPil3ozNZe_Cdf3Dm6eCq83hq3JaPwqcSOpDmeonam3M8nxmGkMXsgU43yRR6QMz9mY8GUf4Zo-so4YztC9xffZngDRJzm663ALnft5Zdj8sJMm8-p76Txhrn3HfUuii6uSNOAfNkVkqr_XRKZSsZh-q-CqGfI3wvHxh46lt_uva_D-4G2Rp8tumnWxs8ZXrnZ7X9a1GQCCteMYaO4EBGUIN3QgTqCjHVgREIvk0-BGFL_e9hDxH6l3YvqdWIsh8mr1xE14F-47t3cd5sPcabl_uqvHn3gPGjJBxSJtU3KrPH2VJ4_OdvhtWgh4A5kp9Ax4rF95txyWMbFvJTd9PbyLu25XDdK8XSGwSFaO61NH__ct82kT3rdTQ56LAwHT18-D3PPQ3PfrvtbhMXjd2o6yMdncQKGQNKTijCrerB9JIgcFjZw74kfehH1ClqdQIKpg6a7mL8YoIPkAvkWP5DagsVPo52h_HsDv5uQCKENfSZS8ir245DXo1XtjRWMhe9fN4u2mrAUCK5nh8661Bk686nes-4_NiiPIBo2WMOPZMDJVqr7XGSf5o-S7cBc5m8OR8DOsFyLW-YTGf5IYRkMEmEoCdi4n3P6sgrKUgtyJFMvm77gcHchPw3jiqKCJ2CHQOXW6HX0hsw9SMgTxGRm-6MM_wV1uIWvJEeA4CRAcck-6PwPDm6WYesdJnlEnacqxaOoUXBi4S7oG4ms3nhHxLM1Yf0fkaQpJisJ7W7rRZbedc7EQ7IPQi8IesKwTaD7ogSXM3YTpkvjNUbymdBadv_0J8PwZrB4Ub9dKhqYTMtEN4Jml0-QiIKCoHAnGPzN9sgsHgTTXax0dxeY2uMrcO2umtnm50lfvqCw1hILKvKSoLDP-RrJj2TCLxDU8273CVrD2p7Dp-D8gl0V0tfc_CMD7d1lg2cQQz6t8QbQ_zlnTnKdmpuBuGBCBtE_Oc7cJwsN9IsXySbG-wggVphC_e-LciWGvDGaM0-smcpxR3070Fj75tsVCQvT5PaeQTBFxu-Yt2mUJM51NgFmZSQaSqRS6n9ZFnmx0wf3LGwr7_6QzhPGFGcJB-ldWeOahyG85Be-5SPB9us5LCbJ7t0RiLOZUHjVCYwRbxGUk4Jvla4ORKTQv7f6_Dz5RgXPDtWbgzbUVZjIpwGz-e9GZOODx4g50snnFCLUA3L6-Xz_At_2dgREQ_tEjM86_Wx2MJXqb6q6vlueI7x-4ss7z55snv4eC5iaKREpEGPQuq8DgdphCzu3XT-2_i9FEKWcE-YlmLRXphk6aXqeJXOoXAVHml-EAf7A3n1eDY9SjvaIG-oE584d-6-KoCqPADEqFRnBI9m5-GFo6DcKnnrKmNaeFM9UiAIJao08x2-zv098eY4uG_dPvQkN8zoRLdG4VRIS5Yi2qnOdfm6k7O8QP1a3xrbQTt3QsmUGzIRcwjZQrJUcB-8JONbQn_ltwdbU7Gx2MmLJ46cGTYlvCTKqIOj6t7IoZxZ2u__CzDpZWFNhbKENKlafSfim14IcL9IBt-T68IamDbd1NEXwvXsXTKwH9re8KhvqWuPmv7radsIE6nOsoMtSgRJ3RlRQBqT2_mfjUCeVWdv8Uc5wgyBhTbb6a9heLHnJDKvDnhvSfVIGudFt&cid=CAASEuRop3_b6lZE6aaI1n2hlrg-Vg&rfl=1%2Chttp%253A%252F%252Fdynamo.kiev.ua%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:27:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7ED5 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 11:32:33 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FEAE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A01 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A463 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 11:32:34 GMT
expires: Fri, 19 Aug 2022 11:32:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mu72dqmlk6df Show response
hal9000.redintelligence.net/zone/ Frame 7ED5 11 KB
4 KB 103ms
34ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/mu72dqmlk6df?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPReKVIceYdPDNaKMjuwPqbabuAHisNzwX76z1PuJC_AuEAEg4-C8I2CRhICA_BfIAQmpApV_bR_EnrM-qAMBqgTDAU_QtduQEApZbI-g0pgdnsdd8E_aHiVO88RB-NBTQpRaME_OyqixlpJjk8FmrrWh_czqZmxKaKD9qlHc2uGVMBMqn5u2kk2FqKlRTs2VW_1NZtovNLjHEtfFcvvMXiZUpv1jgRdzJF_MbrBduoF0Dd1KvAUYzAmmhgDNdO1a7eUABpRapPCrEeqNPmvNAJjPKT8TA6Cw4wJLh0Xp4uMxvHoUflCRzbbzjAQDYQbAYCaSjoYByslNHOTP13h1PrjH803XecAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBOX5bIK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop3_b6lZE6aaI1n2hlrg-Vg%26sig%3DAOD64_0Q3Eb_KDXi1pTg2YK97pB2giiehA%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-AUnQlrpBdvt02UR-8WqFdmN2tpfIZjrZuYy4fl1ywSIzZhLFA-utVzrtXqgSkhdRDAkOnPryrrnDT57M4A5R0tPGO0t2GKM13Z8NY8X6Ol8UcL6nPH0c_CCsAt6kNokCdJoIfnd_xL90MgJ9EJpyXez-EXpg%26cry%3D1%26dbm_d%3DAKAmf-C8XytjBWrJUDQvM6n-8r-HpmmgdYpOkXzpIW5OE_vqQfxu1WuNlgUZtyPFEh43OOG1q6pef714W6PGYjFCCm0dgbbyC9eTCu0rhit0wfGJwpzJNuv4D_7g1xo-9PvKyYooaGeAbAn8Fd4AH1t7irxqwsaiY5jXuhGgpsHVnqfnlsmTBSxyriHkTp6iP_KtAWtRWBnpeCjexLxNO6mWzLXd--GA-b6sdtWgaZxH4VrBZKd6VK61KIVAqGwA8jV3igf5rVoW2Ql3rjFLW4weEDbr-T3bjoI0Y6fdYDLbFCGr5l9Tb0hKMJ9JK3_3yAf_bHhP5cuuHXWh_n_Kx3Rk5zb-59Djh361cYoEzcRR_yktt0PPg_N1mvp5l2TpJuQhmPjt_MxH9GWa_qG_AjrBLeYU7RzTvbALCXhPIqO3J5pZZV-Vq59_Qn6cHY3GTe24XTZGCYDw%26adurl%3D
Requested by: Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d58fde3663123b6315343430dad5ab8d9ffa6d62c7520f6fb5c4c0bb7fed9b16

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3888
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8300
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKEz1ZuvyMz7XHw4iONguVo&google_cver=1

43 B
106 B

23ms
23ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKEz1ZuvyMz7XHw4iONguVo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKEz1ZuvyMz7XHw4iONguVo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8300
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRiZTE5OTAtNjIxOC0yMjNlLWZiNDEtMmQzMmM0MzEzYWI0

170 B
188 B

33ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRiZTE5OTAtNjIxOC0yMjNlLWZiNDEtMmQzMmM0MzEzYWI0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:17 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRiZTE5OTAtNjIxOC0yMjNlLWZiNDEtMmQzMmM0MzEzYWI0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 8300
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEDTVyXc4nxFyZGj_4ersOjo&google_cver=1

23 B
172 B

107ms
51ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEDTVyXc4nxFyZGj_4ersOjo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 19 Aug 2021 16:31:17 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEDTVyXc4nxFyZGj_4ersOjo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8300 23 B
172 B 152ms
52ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwKG1PTAB&v=APEucNV2hgJueUC-FC8v4Q-0rUjbXgKibxYVqLviDDDF89ZjSCB38ooeF7JVe-loQJppiVXekIfpPWzgCOrCAW2Ezp3hM4AW1Qphnv8Gv4Fh5lSYcpB0612G-rJ2HGeUtR8KDJ6yvOl80ZcPPp2P3iDL1axH2vbb2tdz7-Xrp57Rmaq9NkoyZ6w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 19 Aug 2021 16:31:17 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9553 35 KB
13 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H/1.1 200
OK request.php Show response
hal90006.redintelligence.net/ Frame 7ED5 3 KB
2 KB 180ms
100ms Script
application/x-javascript 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=0acc2e174f&subid=&uid=b257900b99164b56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPReKVIceYdPDNaKMjuwPqbabuAHisNzwX76z1PuJC_AuEAEg4-C8I2CRhICA_BfIAQmpApV_bR_EnrM-qAMBqgTDAU_QtduQEApZbI-g0pgdnsdd8E_aHiVO88RB-NBTQpRaME_OyqixlpJjk8FmrrWh_czqZmxKaKD9qlHc2uGVMBMqn5u2kk2FqKlRTs2VW_1NZtovNLjHEtfFcvvMXiZUpv1jgRdzJF_MbrBduoF0Dd1KvAUYzAmmhgDNdO1a7eUABpRapPCrEeqNPmvNAJjPKT8TA6Cw4wJLh0Xp4uMxvHoUflCRzbbzjAQDYQbAYCaSjoYByslNHOTP13h1PrjH803XecAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBOX5bIK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop3_b6lZE6aaI1n2hlrg-Vg%26sig%3DAOD64_0Q3Eb_KDXi1pTg2YK97pB2giiehA%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-AUnQlrpBdvt02UR-8WqFdmN2tpfIZjrZuYy4fl1ywSIzZhLFA-utVzrtXqgSkhdRDAkOnPryrrnDT57M4A5R0tPGO0t2GKM13Z8NY8X6Ol8UcL6nPH0c_CCsAt6kNokCdJoIfnd_xL90MgJ9EJpyXez-EXpg%26cry%3D1%26dbm_d%3DAKAmf-C8XytjBWrJUDQvM6n-8r-HpmmgdYpOkXzpIW5OE_vqQfxu1WuNlgUZtyPFEh43OOG1q6pef714W6PGYjFCCm0dgbbyC9eTCu0rhit0wfGJwpzJNuv4D_7g1xo-9PvKyYooaGeAbAn8Fd4AH1t7irxqwsaiY5jXuhGgpsHVnqfnlsmTBSxyriHkTp6iP_KtAWtRWBnpeCjexLxNO6mWzLXd--GA-b6sdtWgaZxH4VrBZKd6VK61KIVAqGwA8jV3igf5rVoW2Ql3rjFLW4weEDbr-T3bjoI0Y6fdYDLbFCGr5l9Tb0hKMJ9JK3_3yAf_bHhP5cuuHXWh_n_Kx3Rk5zb-59Djh361cYoEzcRR_yktt0PPg_N1mvp5l2TpJuQhmPjt_MxH9GWa_qG_AjrBLeYU7RzTvbALCXhPIqO3J5pZZV-Vq59_Qn6cHY3GTe24XTZGCYDw%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=3611940612161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/mu72dqmlk6df?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPReKVIceYdPDNaKMjuwPqbabuAHisNzwX76z1PuJC_AuEAEg4-C8I2CRhICA_BfIAQmpApV_bR_EnrM-qAMBqgTDAU_QtduQEApZbI-g0pgdnsdd8E_aHiVO88RB-NBTQpRaME_OyqixlpJjk8FmrrWh_czqZmxKaKD9qlHc2uGVMBMqn5u2kk2FqKlRTs2VW_1NZtovNLjHEtfFcvvMXiZUpv1jgRdzJF_MbrBduoF0Dd1KvAUYzAmmhgDNdO1a7eUABpRapPCrEeqNPmvNAJjPKT8TA6Cw4wJLh0Xp4uMxvHoUflCRzbbzjAQDYQbAYCaSjoYByslNHOTP13h1PrjH803XecAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBOX5bIK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop3_b6lZE6aaI1n2hlrg-Vg%26sig%3DAOD64_0Q3Eb_KDXi1pTg2YK97pB2giiehA%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-AUnQlrpBdvt02UR-8WqFdmN2tpfIZjrZuYy4fl1ywSIzZhLFA-utVzrtXqgSkhdRDAkOnPryrrnDT57M4A5R0tPGO0t2GKM13Z8NY8X6Ol8UcL6nPH0c_CCsAt6kNokCdJoIfnd_xL90MgJ9EJpyXez-EXpg%26cry%3D1%26dbm_d%3DAKAmf-C8XytjBWrJUDQvM6n-8r-HpmmgdYpOkXzpIW5OE_vqQfxu1WuNlgUZtyPFEh43OOG1q6pef714W6PGYjFCCm0dgbbyC9eTCu0rhit0wfGJwpzJNuv4D_7g1xo-9PvKyYooaGeAbAn8Fd4AH1t7irxqwsaiY5jXuhGgpsHVnqfnlsmTBSxyriHkTp6iP_KtAWtRWBnpeCjexLxNO6mWzLXd--GA-b6sdtWgaZxH4VrBZKd6VK61KIVAqGwA8jV3igf5rVoW2Ql3rjFLW4weEDbr-T3bjoI0Y6fdYDLbFCGr5l9Tb0hKMJ9JK3_3yAf_bHhP5cuuHXWh_n_Kx3Rk5zb-59Djh361cYoEzcRR_yktt0PPg_N1mvp5l2TpJuQhmPjt_MxH9GWa_qG_AjrBLeYU7RzTvbALCXhPIqO3J5pZZV-Vq59_Qn6cHY3GTe24XTZGCYDw%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d685f4d0cf33927e59a63178390af1226c2b18ae2e32dd759d521a32d9219f88

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 59913200139931600719594011691006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1038
Expires: Thu, 19 Aug 2021 17:31:17 +0200

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 62BE 42 B
64 B 49ms
24ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlFqhNSDjwmsa2hROmsoN4FHoiUPoxx7xqXp7T3qkZ9LSbgjKxWhJNTO2EP8uCXepPKXYtuv-WnRkHGKw5p5AoiwoEbUig2Q&sig=Cg0ArKJSzFAznWeaTCzNEAE&cid=CAASF-RoXoS7kcSriGJ1mGHfAzrqvugib3UY&id=lidar2&mcvt=1057&p=0,0,90,728&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2347124645&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629390676446&dlt=207&rpt=90&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A463 35 KB
13 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CBE 42 B
64 B 38ms
33ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWhxcA2rz9XqWoBdiMSIv68K0M3JGSAi30fI3OHk4NAVJhL_qe0V-Ti-b0KvMFtaexUi4nOaCptAAYjdzz8_z9HKg49qP25R5Sm4HSFoaL791FsqsPCD8rDRjtnw&sai=AMfl-YReqUxPiO-w6AfsV2JSeIGaAQJJ2NihPcT8yYbgc8-XGDQlq3kBZThXrpNN-yw59vVihZwBVrQs7gzPy4gFZ8_1fkKJCoDlrody7kf_th4TBJRCliCmO0uS6VJN&sig=Cg0ArKJSzNPeGNWr_Q0OEAE&cid=CAASEuRowuh6lf0s0i-il8DwKxNeCw&id=lidar2&mcvt=1018&p=289,1015,539,1315&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3945306440&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629390676720&dlt=27&rpt=283&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 7ED5 442 B
921 B 1185ms
66ms Script
text/javascript 34.247.122.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=59913200139931600719594011691006&t=js&wid=tt-327e65
Requested by: Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.122.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: de4fac8fb451a16780c8fc59110604551133939ed8506f9262752c9c694896f6

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:19 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 11C7 7 KB
3 KB 344ms
30ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=0acc2e174f&subid=&uid=b257900b99164b56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPReKVIceYdPDNaKMjuwPqbabuAHisNzwX76z1PuJC_AuEAEg4-C8I2CRhICA_BfIAQmpApV_bR_EnrM-qAMBqgTDAU_QtduQEApZbI-g0pgdnsdd8E_aHiVO88RB-NBTQpRaME_OyqixlpJjk8FmrrWh_czqZmxKaKD9qlHc2uGVMBMqn5u2kk2FqKlRTs2VW_1NZtovNLjHEtfFcvvMXiZUpv1jgRdzJF_MbrBduoF0Dd1KvAUYzAmmhgDNdO1a7eUABpRapPCrEeqNPmvNAJjPKT8TA6Cw4wJLh0Xp4uMxvHoUflCRzbbzjAQDYQbAYCaSjoYByslNHOTP13h1PrjH803XecAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzI1MTc3OTMyNTk5NzUwgAoDmAsByAsBgAwBsBOX5bIK0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRop3_b6lZE6aaI1n2hlrg-Vg%26sig%3DAOD64_0Q3Eb_KDXi1pTg2YK97pB2giiehA%26client%3Dca-pub-3379969116950199%26dbm_c%3DAKAmf-AUnQlrpBdvt02UR-8WqFdmN2tpfIZjrZuYy4fl1ywSIzZhLFA-utVzrtXqgSkhdRDAkOnPryrrnDT57M4A5R0tPGO0t2GKM13Z8NY8X6Ol8UcL6nPH0c_CCsAt6kNokCdJoIfnd_xL90MgJ9EJpyXez-EXpg%26cry%3D1%26dbm_d%3DAKAmf-C8XytjBWrJUDQvM6n-8r-HpmmgdYpOkXzpIW5OE_vqQfxu1WuNlgUZtyPFEh43OOG1q6pef714W6PGYjFCCm0dgbbyC9eTCu0rhit0wfGJwpzJNuv4D_7g1xo-9PvKyYooaGeAbAn8Fd4AH1t7irxqwsaiY5jXuhGgpsHVnqfnlsmTBSxyriHkTp6iP_KtAWtRWBnpeCjexLxNO6mWzLXd--GA-b6sdtWgaZxH4VrBZKd6VK61KIVAqGwA8jV3igf5rVoW2Ql3rjFLW4weEDbr-T3bjoI0Y6fdYDLbFCGr5l9Tb0hKMJ9JK3_3yAf_bHhP5cuuHXWh_n_Kx3Rk5zb-59Djh361cYoEzcRR_yktt0PPg_N1mvp5l2TpJuQhmPjt_MxH9GWa_qG_AjrBLeYU7RzTvbALCXhPIqO3J5pZZV-Vq59_Qn6cHY3GTe24XTZGCYDw%26adurl%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua&random=3611940612161&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d9013b82315c33912ea3b5bdf9b3b19d91a3d010a42bfbd193621b867c016afb

Request headers

Host: hal90006.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=9568de60c3852240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

Date: Thu, 19 Aug 2021 16:31:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 19 Aug 2021 17:31:18 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2348
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame 7ED5
Redirect Chain

https://www.awin1.com/cshow.php?s=2898042&v=8361&q=383360&r=235229&pref1=59913200139931600719594011691006&pv=1
https://www.zenaps.com/cshow.php?pvr=e12ee390-010a-11ec-bfe3-692d0dec5663&v=8361&r=235229&q=383360&s=2898042&viewref=59913200139931600719594011691006&pv=1

43 B
705 B

111ms
57ms

Image
image/gif

104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=e12ee390-010a-11ec-bfe3-692d0dec5663&v=8361&r=235229&q=383360&s=2898042&viewref=59913200139931600719594011691006&pv=1

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 19 Aug 2021 16:31:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=e12ee390-010a-11ec-bfe3-692d0dec5663&v=8361&r=235229&q=383360&s=2898042&viewref=59913200139931600719594011691006&pv=1
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B2A3 1 KB
749 B 16ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48133
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7ED5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d77c3d756f6a9c0690dfdbb5db5b560c7a43cd0a7fb964bda76d6559fc18f28

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DA3 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=320570629779701&bg=!tbaltvLNAAZvV8FTb1c7ACkAdvg8WoruCszjzDWHrQUTt6ySFEOCY9JWgfmBWZu3apvmyMWd81F_MQIAAAGzUgAAAGloAQcKAG_8lj2-K3fylk2VyBTSbQvVV-dlRORhLAYSEhXQJ-EKIJSUVlYU4L3Jg0Ow2mGeRlnfPyGHqM4GtbDqEdXLNnsIcAQwh-3aa_18paDBT6B-n8jQX6p1kN6XsXlhbtCFbYvDGrMN3jnAwIxn6-pvUeWZAodHR7c2n8rd-BwDNSzk19HOAhYeAtArqsgMugLiNz5gsL8ktZ_0JhSYu0hqHT2Eu-2NjhzsvUWs8wHl76jTRP-v473cnA-hAPe8BMK8TGNJuqnskGDcjfOWjU70tdgLTFONuRDnwPd-jmfMD7YA_YqjWhH4a4Isd8SHt70CNdRTNufRc0o_6ffvKkJigOWkOKYvX-QXhQ3IF6PsfdE9oVbdpo56Ez257jQXbW0yiE5iJFfsUTJF5sZST9aGpFd4t6Qz_FRjVQgefyvowULJcNmecRU31av2q4aZUaLqT2gVAwZStnvIle8006VjHmkkkJUxEkZANmHgC-m53xRkZvUEiIb2lrFdnPE4yvjUzem6IWjalXyO-VB0TwPJhphuATJ4BcrrQun3-i8kqj4w6pHcR85u5RgzubJLd_cyTF5s-8sY3IPw4vuFNiAg-K8F6MaSQp46XDN8ZFHJ59874UGCk3-kdBmHgdxi19kz5NhqnSrM4adUp03abhC_RgaxAsl19JW3Iw3Luew8xglV7HfEVmpaqL21deaTZPYmJUenI69RF3XYXo-FU5ooN-ezrUyu_JAJw8eMDRsnYUqMbKf9fqIUwrCGvEH0bZ3Z2IIeyyrhbAbZuGEDSQwH8b6kge89v-Sgh8MWe1XaCORbptR-ZW9tvSaSI2OkeSAlIzwnzhwrr3qT-H11XXsEq06ky9SZirg-lCrHDyTlZoJdO6QTu5EMGVip_p3-5NtVz2_1hS6by5OVtPPHDedJ9uyg2HhoEjmK1bXa2_qJswz71K86DWKmebvGml8IfrRwEuw4fPgQAlQzVGV0mTqcIqnICZinybbuS1jAYDM5P7-X2IOHHBXadJaO6A

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/ Frame 56C2 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/logo.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f35e9a74fbe13330e7d2fa458e3a9fb7e4281f80af3db6bd1d81edc959bde7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 08:33:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Nov 2020 15:29:32 GMT
server: sffe
age: 28676
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2733
x-xss-protection: 0
expires: Fri, 20 Aug 2021 08:33:22 GMT

GET
H3-29 200 zegel_geldterug.png_1611224976765_zegel_geldterug.png
s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/studio_destination/ Frame 56C2 9 KB
9 KB 10ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/studio_destination/zegel_geldterug.png_1611224976765_zegel_geldterug.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0e496819d1228fed644028bb74be285d41013ea819a45b6dfb57be0a29cf6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:24:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 10:29:39 GMT
server: sffe
age: 205591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9392
x-xss-protection: 0
expires: Wed, 17 Aug 2022 07:24:47 GMT

GET
H3-29 200 bg_sea_336x280.jpg_1607426223365_bg_sea_336x280.jpg
s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/studio_destination/ Frame 56C2 10 KB
11 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/studio_destination/bg_sea_336x280.jpg_1607426223365_bg_sea_336x280.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cb22a4e1b318a6c23baa711d0d2bcd71267ef3dd8e33b43fe91ec3475648651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 06:54:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 11:17:05 GMT
server: sffe
age: 207418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10738
x-xss-protection: 0
expires: Wed, 17 Aug 2022 06:54:20 GMT

GET
H3-29 200 toeaantui.png_1619700803611_toeaantui.png
s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/z21/ Frame 56C2 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/z21/toeaantui.png_1619700803611_toeaantui.png

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce66a8694cfe9f62d1951b749b0d22c4988c1d93cf83386ad2d63aaf0e7502e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:24:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 12:53:27 GMT
server: sffe
age: 205591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1800
x-xss-protection: 0
expires: Wed, 17 Aug 2022 07:24:47 GMT

GET
H3-29 200 bg_toeaantui.jpg_1619700803611_bg_toeaantui.jpg
s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/z21/ Frame 56C2 20 KB
20 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10742206/acties.tui.nl/banners/z21/bg_toeaantui.jpg_1619700803611_bg_toeaantui.jpg

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce406c370bc0157fefcf5c5bcf8a49d92742398ade8ff768ff20b5b813bd1f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61648329/20201130072932248/index.html?e=69&leftOffset=0&topOffset=0&c=cmqJu4bqd4&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 06:54:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 12:53:26 GMT
server: sffe
age: 207418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20072
x-xss-protection: 0
expires: Wed, 17 Aug 2022 06:54:20 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B2A3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2sxN0VpSkUxTWdLV1A1&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2sxN0VpSkUxTWdLV1A1&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5cx-RWoJTiHlWFYLL12mLsFB_Q8vLLUs_vBblQCgmcB1obAD0c0ac

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:31:19 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0f2ae110f5f605c82@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Q2sxN0VpSkUxTWdLV1A1&google_gid=CAESEBupdLuMODMFffR3t1eZgJk&google_cver=1&google_push=AYg5qPJe-9ti3pf9kW3mqaVOVQdMCz-CjcVIoyECwfsoBZ5cx-RWoJTiHlWFYLL12mLsFB_Q8vLLUs_vBblQCgmcB1obAD0c0ac
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B2A3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnh...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnhiK6JdcYKaw

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnhiK6JdcYKaw

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:30:37 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPIu0kCaUw_4jf68YleinvTYAvGeRrSSY1c2xV7QK-hVzFBlQew5LJHjLYXIamOLue8CPRoKRn-RPe4vibnhiK6JdcYKaw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 Aug 2021 16:30:36 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B2A3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&...

43 B
414 B

182ms
173ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6814c57c191c430f-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 238
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6814c57afe71430f-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM0fDVEOlx-e85qgWmOSD08&google_cver=1&google_push=AYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0uQH1FvDU3AEi8ubQRyzrh5XuNYTNSjiB4pKj8xb82IEpE_xv_-jaJQjyRMeBNVTm-zwi6SF26azhC9Z3EANGAqbEFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B2A3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGOAR570s9UcEKcbkP-CzS4&google_cver=1&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiG...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiG...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F340A862D594E65A6142EF04662B4B9&google_push=AYg5qPL_N07o-A3OpAtwHqpE4AkszGY5kx2xfDjygVGzT5f2dWgY3iD6esKO5oEL1iGDEjEhlbJUgGVDhuPliiGMXAXtDTduB38&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B2A3 0
136 B 1090ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFzb3EG-KAr-pD0JETuo4Xs&google_cver=1&google_push=AYg5qPJpps_ES1SjqQ2caQ5o655kvoN4tef60XJc8j9amQMeo1PmH1STqfiFS8ButUGX2u2BKlUrj5t1L2WAoMqkmBiZN6zwiw
Requested by: Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:19 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B2A3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOBCtLaLIWTZVq9hudefCCk&google_cver=1&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5ODE3OTY3ODcyMjUyMTIyOA%3D%3D&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71xCmE...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5ODE3OTY3ODcyMjUyMTIyOA%3D%3D&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71xCmE_7M9rlD9g

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5ODE3OTY3ODcyMjUyMTIyOA%3D%3D&google_push=AYg5qPLYhZDi8U4dDHpyJyBIne39wz4fuP2MOn9Ymn2WozqSP1yue0e6BR6gGTp46Eqx_hVMNn_IlGU8on6Y71xCmE_7M9rlD9g
Date: Thu, 19 Aug 2021 16:31:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B2A3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJvjDFi4lEE6-J7Rc9DFKcs&google_cver=1&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdOSJh0&google_hm=NDg1NTYwNDkyMjUzNTI2MzY...

170 B
188 B

38ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdOSJh0&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLWi6feGsxjsL1oIv6RgD1oDnriYjLSc8F42ORkRavlOKS-UF6K6Lml7ukMMKF2zTa45odLIYO4JiI0VSfAvJYxNdOSJh0&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame B2A3 0
12 B 34ms
29ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJHYduRtQmBPY82nOexIH4yRkgMnSzBsb8NglDlfdESTE88nTFczI3oEJ1njQgvZNs_Tqo

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3353 0
20 B 31ms
29ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1325028995793737&bg=!Y2ClYCTNAAZvV8FTb1c7ACkAdvg8Wo3C1DzlsOLCLspvaYuY0S3ZxkzW63CiLI8e7I8JaSlfvzrj6AIAAAHnUgAAACloAQcKAJMNjFH-j3sssnw5DoOwD0LSLGPGZO5rY0t4tYAf9zvCB0-drOsMjY3skuoTBwrnWJZlylTN-5cG7PJIDgZEic18xIBtwoxFnB34jpT1hO0xiAUsAtnNzxNTGK4h4Afshr9GDdhZvvCa93p6s4i37Eb3PdLb3BaV-_cdtcF54UAODwnWSXpTUzHv1_PgCLqEjzVLSK6ZApKNB5YtKJzAdgp5Yikm5u_AJ-iOMFtzl19u8GICnMRtPBWBNHXqRl-FxFlmwxlPNl_YcnTeKcnzsO3dI9ovFohlvi6gLnCSpKv3z6nUIDocrgBzWWEdYHCx16Wd1SPktHlFJPUErIU459un01pTnbx493PdCT2OiRi9JWYff6v8ed10oyg2e6u8uzDeQFUzGAl5xhKaQoFyR8_YSkr5myM3qlj_8KqX9sqHW0INDLi1NHhy-ptEdXAJ7Iyotl_R7B_lDcBukMQFABcHKbhffUWC01nQ83kWLtWXsj9YvxdQ0Q0k8E3O7kO42yswsMqmWFIrZgeoI8rS8y-eaxc0OG9PGmuFlJwebHGAFOXYmR68KT3C7-s2f3_C1M8Ydl1fm38cJBYxJvQZmlh9lN4hV4MtBdUgEmgQiNr0VDYgBI2jBLtRpTIb1e8rAkuPB8Iz6vSrgbFBaT1BB7R4hWiooJ7dRtpLoRhXUwFNVFWwKGHWGd2dt_pxOv5NVvTQDaLWjm_SyYQdY_uNr4-zabSuvK_maifIF8nFgu-IJVRfLGnPFmGNEWDcsSpK0rr_ZYBOxgBVNq4289EWXnrY1ASoD4luN-oHNX7G8uplnn6czNB7gFxvIx9TGG9-9OEPr0cwxsEv7H3oSKBldq3K7RICgNLxBrb9U3SPWQlnhta-WQ8XrosY5Tvd8LmQ3I9ljFORmsi8PJJCUKOR-NHQN371_m5UCovp8aoZWt4zthJMNBl17yjYSQaFxE0nJPdEw5L8_3PUyiPq1m8pWpb1FXPuNf9ssTq_uSITs53p4nIO1T2KhORelU7_SKyI3aI4qgWNde8jiuuWwWvA8svIb1796w2CINtl-CvizeHcyCk3Wf1VRCoZ

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame A6A7 4 KB
2 KB 1108ms
27ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=9f50197a77&subid=&uid=2cfdeca730a39969&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2729546773374393934%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_cid%3D9971611e-8754-4501-96a5-ef02571bc4ca%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiXbhVIceYeL1HPej7_UPpp2ImAXPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTMwNjQ2NDczODMwMzE2MzjIAQmoAwGqBKQBT9C-xI7D4xjxeCKrOKSv3Ny44-8UfdyFwfN5SO6689DUDvW3nyPPUuIIm9TUFxHl8kllqC_tMHvmeYWH4VCgc4OEsnch7QE7fD4rgve1L_er0Q9gHMCx0Miq3DR0zJvN8XAxUm018jvqg7sqN3zJFtfCsI1JiYJLep-aXrQCEDNDrIvlBLTELZ2qgQkYvuos726qk2wheCAajVSuBJjcDn-UUzeABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2dLHimVQoJZfO4cgfldRbBgT76QA%2526client%253Dca-pub-3064647383031638%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fdynamo.kiev.ua%2F&ancestorOrigins=http%3A%2F%2Fdynamo.kiev.ua%2Chttp%3A%2F%2Fdynamo.kiev.ua&random=4144222282843&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 172c373df72bdd40c01ee490eb90ef2fe7a075b859bdb0a39c92fa4786ad94e8

Request headers

Host: hal90002.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=9568de60c3852240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Thu, 19 Aug 2021 16:31:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 19 Aug 2021 17:31:19 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1500
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 96B9 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 48133
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 36A0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d143b11f43b2bf417d0ebcebb502a9d83ed1b967b4be26b9b0e534911590c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4399 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1367353397694724&bg=!np2lndnNAAZvV8FTb1c7ACkAdvg8Wr0kHfm1r3tJSFNftcZAsuGIf0eFx7toRuiYf7trxXTyE3b1RAIAAAGaUgAAADhoAQcKACwozUCEaJpjGIDeRzKS8w75hs5uXGwe8yONv5K9rUNwijriipmmgsWe5jDSNZkClQW5I-KMJLQXMwYbRMYAvxphO-iIp0nNTmdi05IveuUBnMS4f-LH2ir5B6_kgfbWq-fj5Loj7k69xV1QlC7pVkhnZxWHtOi0x3r3jQa8nReZFowU-_t5-fDsnhMDxh_PSCxM61lyKPfdnkXKqGpkOeGy0cYZWdQPJAlKC0KolP8kXAuw32u35cbOqZJgHSZbT4CI5-J0ZFanzWF6Hw_T8355eVKZDOiwx8S3yeWAMtP1pU9n9MpPFk0dM8xeUkISPAamvwFYvg4PIFXqIP25FNxSE4cq9Er1uzR5TRK76dcLYMSjEslDcXe7XhB4guz9Js3dUGV2ryimYTN1_EYgTEWH6ljjFdFH3V5QRE-FChFexezj1vUUen8D1QcJkd5LbReuKe1QI-AEY72bNbbJ2bMd9a9D1dUpigr0yqigSP79JhZeS5uXod0I8dX5NTHK_morTd0YtWZCZLLY_QcKZlypx_250kF1tlpofT94F7O9oKcEzv45skegtuIAGPZUYsk_QUqln5CpKKiBpgwc2kk7TBWe_0Vm6Av8lMnJ3BcNUxYjMyAMHucP32eymZCqR7rspYpb0iVBvvFO9FWSYBaA3YzkNhJnKQ2irrVjsK10m1mTVWaRljrimcJF_-0sPdgPat1V4B7bQIjNOqc4Tstmty8V8opSBj_KKMetzNMZdoavt-ldquNAHnPZdm7k05glS-GJPG_6skysGCjIti19DXH1F_kWkIc7lrRWsztI1ancMl4IgSYDzQetIOPzaWByYltiFKkhZZ28pewZlOP2XClIle-BWGOy739t14pdq6LbFJWP5GxaJptzocy8qL70FifiY_8Vjmu8aEhgL45X4wB6MoanLlppFssAURy2D0VAozU

Requested by

Host: dynamo.kiev.ua
URL: http://dynamo.kiev.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI851FpFH6ksmEcyTjr4mIM&google_cver=1&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX47jK6r6R-28

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX47jK6r6R-28

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:30:37 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mXFhHodURQGWpe8CVxvEyg&google_push=AYg5qPJsaW6toTeuu7gGYMByeu2daoRkpwQehdJCTez4KPJyBxXv90q0LweGrtFvxBsLYVIu2C8G63N2V4Oxc5lX47jK6r6R-28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 Aug 2021 16:30:36 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGOAR570s9UcEKcbkP-CzS4&google_cver=1&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlK...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlK...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F204C26CA7A425795683AB208CD7E7E&google_push=AYg5qPI0gpMDFfZMAhH1r8NKE1JoPxNXQZflHN5e9yK1E9RICufk8TJd04YiWiA255qRwW-0SV1QHimObjLpwlKSAtF3Nwb9GTc&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJvjDFi4lEE6-J7Rc9DFKcs&google_cver=1&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9AuAQ&google_hm=NDg1NTYwNDkyMjUzNTI2MzY...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9AuAQ&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 16:31:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJXEUCxwQP4paiQgIn7YVmwdvSxTkIlfRRVtu8x7XK-DQR_EOh7d409SQkfgCrFlpdZI-NzH5CtmyJVf908gn6ezj9AuAQ&google_hm=NDg1NTYwNDkyMjUzNTI2MzYxMg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGEmwRGLpwiWLQlOJffSrSM&google_cver=1&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpEr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpEr...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpErsgLCrR3K_hn18EXxzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAxMTQzMDU2NjY2NjM5OTgx&google_push=AYg5qPJtAkXFXXI-qxyu6ENXbeTYOvcHDL894sVny1K4Cgz2mDbMUvbVcciat08r7J6PR_VIbmo4NpErsgLCrR3K_hn18EXxzw
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ1djdFchjaElAJibwgjyNs&google_cver=1&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2h...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NKNTUyVDktMVQtOE1OWA==&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2hwKF81ftIdQKfBCdMfjqkHxJo

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NKNTUyVDktMVQtOE1OWA==&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2hwKF81ftIdQKfBCdMfjqkHxJo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NKNTUyVDktMVQtOE1OWA==&google_push=AYg5qPKQIyM9fuyI_2ZjL_Fb2f5FgV4TeIIJ6dsXb4k5s_ra82UObDID3SQxnJfUofeJeDYjx2hwKF81ftIdQKfBCdMfjqkHxJo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaA...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPIJOqNy5e-Llw-4_T0BNILFspwWcpVaAVz2BE-BtXvr6b2DcP1o6puHVFbIwWyJSJ0mSytEFqbuAS7kL3gHmZNUpTbxYxU&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 487
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 96B9
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPqDHbuR1vW0U3TxgNynvt0&google_cver=1&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqG...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqGMJAZTso55I9kjxqcc2hA&google_hm=MjI5Njk5MDQz...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqGMJAZTso55I9kjxqcc2hA&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIdlKpdj-QLOKeGwRoym_fG93iMesKIbqRfDlOVmXm0NCzIhVGb3JsXTm0NPhxQOqzHghrlqGMJAZTso55I9kjxqcc2hA&google_hm=MjI5Njk5MDQzNzU5MTUwNjc3OQ%3D%3D
date: Thu, 19 Aug 2021 16:31:18 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 96B9 0
12 B 31ms
29ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IipZzHDqrhLK4MTSk0xJGl_UeaymfgOMouZeD4VN_WvVfHkG2ezZoHqguea755DvlRHSAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3064647383031638&output=html&h=90&slotname=7932193939&adk=2347124645&adf=4247614952&pi=t.ma~as.7932193939&w=728&lmt=1629390676&url=http%3A%2F%2Fdynamo.kiev.ua%2F&ea=0&flash=0&wgl=1&dt=1629390675975&bpp=4&bdt=74&idt=474&shv=r20210812&mjsv=m202108100101&ptt=5&saldr=sa&correlator=5723050880075&frm=23&ife=5&pv=1&ga_vid=1840762763.1629390675&ga_sid=1629390675&ga_hid=1137186288&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=236&ady=858&biw=1600&bih=1200&isw=728&ish=90&ifk=482693918&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=2&pvsid=3213070012999022&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.4mhgf5elbzsa&fsb=1&dtd=484

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A463 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuEOVVYceYeCkEe3D7_UP6bKAkAsAAAAAOAHgBAI&bg=!DA-lD0vNAAZvV8FTb1c7ACkAdvg8WrFIbWIDCpGyGxigdqbUmDTf9fZDFBOGZCrH2iI-UN_Eq54fUgIAAADAUgAAAAtoAQeZAs2F0gYX9NT3Vg6Y1FmOw5HcvV6cGp3k5We6AtGZ7Isjgg7AUEw2iAokENwcu8sh_-E4mqK0mSENIUehtI3YMqDM4sSRHgJ2vx4QWRoPBcR5f7GF8XZwJ2zS74hX_anekLq_djcIYDpVe1HDdUI7nTUYS02L5VJedCmAulBKU5aLm4fUt7OwqnJJDGtSG8hgrdaAcwRt-x7TBlc_W71GNDHmD39qFN_Lh7y16lOeRJdXaiUyet1NeoNgS1q_xiwY7ZiHYlR_DDgZAuA1TSPA9XzhFnBy6056uenoR4MkMjB5gYWhSj93r9cTXTVrC9hcrFOik-ys63TSMaEbrlgI2K1g3nDS9RWAoc3SE5oOFnfLy1hTd9wPJNwai-wjDnVgSNkP1JtYENPJDg4wMNRz2wVUsHvU_Ze_PJ4HMMD2GKyVIC5LvwzgSVe1v3VWJmU1h-B2Ptw6H5stBHjtinXMCaksfMOQ2Wf7VIcbJe7UinWM9yGGqNF5A5dG_pmh0eEn3Gh0hZ427rPDvseNQoY78deJlvPjSN412RyRgwP-5HaL4Mm_BLgdIBk2sCHaHp2XJJAEJMwx0D4pb9Q_naC02PIdyhDo982IQ0gYEypb6GOdFx_0l1eW55goru5QBJN9cBbHf0FkhJXJ_Tw9V8g7SrMsbBfdcRDli24FMuWd1IgpAmArnAXcnr_IltP-7x9uUiAELenLoEVuDfR7xhRbrQWnuOEHEub0zvrfr8zJg72TMXUO-agqNcpLs3T2WvV6Y9XEAMn1HmqliIosnuv7wbvLbg2YBczebyxUhhtm0Yi38v55H54BQtHTQWoGoUqPlJo153oMj9Ggpzl4SIXvspTEM6cHdANEIy-X-IkROPJGHlNlp_uWdOx4pm4B23S4jJ3IlVczXM0zT_bfMcs_-kU4yFeqmYm6UHJ9bfn6K1ujX7BAapyjdQ2_KYqUrjQ

Requested by

Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 11C7 4 KB
648 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 14:40:20 GMT
server: ESF
date: Thu, 19 Aug 2021 16:31:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:31:18 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 11C7 12 KB
12 KB 80ms
27ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9e07601af4f9b187cf75bd5451cbd1e7c13ad1b17f54c63118c270645c3bf057

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11774
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 11C7 13 KB
13 KB 342ms
33ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/60306/creativesup/1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7082f3a1ab1816ca974c7b8baf15f6c57aead77d4894587d64e511882ee55b14

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13312
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 11C7 0
150 B 102ms
35ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=59913200139931600719594011691006&a=3222c2b7&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 11C7 434 B
914 B 819ms
69ms Script
text/javascript 34.247.122.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=59913200139931600719594011691006&t=js&wid=tt-7e1efa
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.122.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a2ccf98c9e5a9f18353ee5e845f6d56ff9595a51f44366cc219352c5dbee8b2b

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:19 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 11C7 16 KB
16 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90006.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:40:42 GMT
x-content-type-options: nosniff
age: 240636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:40:42 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 11C7 16 KB
16 KB 31ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal90006.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:40:42 GMT
x-content-type-options: nosniff
age: 240636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:40:42 GMT

GET
H2

200

e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame 7ED5
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=59913200139931600719594011691006&t=html
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

2 KB
2 KB

60ms
14ms

Image
image/png

2600:9000:2190:f600:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by: Host: 12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
URL: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f600:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:29:44 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
last-modified: Fri, 23 Apr 2021 10:05:11 GMT
server: nginx
age: 177
etag: "60829bd7-6cf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1743
x-amz-cf-id: 0TqHh4B7m-JO6e21GKWA3HlA3ImAqEKCJxqWDCGcl-3FyWcVc5YWzA==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date: Thu, 19 Aug 2021 16:31:19 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 11C7
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=59913200139931600719594011691006&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

62ms
16ms

Image
image/jpeg

2600:9000:2190:f600:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=59913200139931600719594011691006&a=07b51980
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f600:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:26:59 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
age: 539
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: 5C821bGOU81Gxr1YnZiCNnUhJyrbktIPvAASeBHGhbGAmMYXCXHx_Q==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Thu, 19 Aug 2021 16:31:19 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36A0 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAi2-eWTo_SCQPc3N0lmqajd-GdPSCGEmHuW3eNIb0XsJkNi110lOwjAyS7ojW7IG6oVKJN91vzIp7VThM_CyDALtrKvshXw&sig=Cg0ArKJSzDTuK0dg7LALEAE&cid=CAASF-Ro1ibZZzYFP0bQN2Kfp8ytv5PoamFu&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2347124645&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629390676460&dlt=195&rpt=84&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame A6A7 24 KB
24 KB 1139ms
35ms Image
image/gif 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:20 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame A6A7 0
150 B 1118ms
31ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=30893500123268100951389011691002&a=7c201bc6&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A6A7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame A6A7 851 B
1 KB 348ms
24ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:19 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame A6A7 0
150 B 91ms
30ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=30893500123268100951389011691002&a=7c201bc6&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90002.redintelligence.net/request_content.php?s=30893500123268100951389011691002&a=2060be31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:31:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AF35 11 KB
8 KB 41ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597a1b128ddaea4b6a826f2c9d2626317efb1f7670b58f4de532f0c02c84a23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8500
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 37ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c848e6182708d30b761b303a3f2097098520d01b000a130eb7df3a96c7f31d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 97ms
76ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AF35 17 KB
6 KB 116ms
102ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:31:20 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F81D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 15:32:05 GMT
expires: Fri, 19 Aug 2022 15:32:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0ACC 783 B
1 KB 35ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b68f6c83fd99a02b396da98fb9a1112b328f10858e4c910f1484061045db59a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OhJZ9xErIH9Xdr298VkbTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

expires: Thu, 19 Aug 2021 16:31:20 GMT
date: Thu, 19 Aug 2021 16:31:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OhJZ9xErIH9Xdr298VkbTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F81D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4DC3 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 15:32:05 GMT
expires: Fri, 19 Aug 2022 15:32:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B41D 783 B
538 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ef6694526bb1b2ac522ca5ff99c0338850afd517f304b1de4dbe63efac8a0ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3iHMU14wGuv8Odrq7SYM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dynamo.kiev.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dynamo.kiev.ua/

Response headers

expires: Thu, 19 Aug 2021 16:31:20 GMT
date: Thu, 19 Aug 2021 16:31:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3iHMU14wGuv8Odrq7SYM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DC3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081801&jk=2225001552241854&bg=!YWKlYibNAAZvV8FTb1c7ACkAdvg8WkHCMhNc-qImLGHnC9Qlici0oDigg_D6K-ed_oOorWGRQRBplwIAAAB8UgAAAA1oAQeZAntnPSmasRobum1_Hp3yfiqa6H93B3RDDRumQJUL0IM4uYM2-QWEaWuP-KEbHkGvK2O5kGeWaNe8DaGWaQcuxYpem36qCakc1j6VYbejFjqhhLkIpGvKCABQffktC_XIZHjUQQ4aqw2y6DFgGwGtnkN07VWTzDicxucwMa5c9nzyqwdO_wI8hb1OyScFnMeTiMeg36H0qbQuOYDpTgepxjUFOCtCR4hrbzGQE0VtgfoQNMkbHcHhaIFq8I3sRjM8_v4YchVRFmgW8pErQSc8c99yf4s5qqB-dyPaPYQPWGXd5_MA5kMuCRHJ4TFidhnIpsXiUK72ajHgWO3SILlqZxw-dPfhaTyKl4iONGtqYoQI2UuOjvV2W_vTujsIx5uDvUefvx97YhjZc-kEx1cAg9CDmqc6wcILHpZw3E1c7qDz5CUIX6bXlbvGT0Xi9p1R-dfOSslMF4zzW13MaYwh-SlxxkVB3sa6WktrmQbkJCC0znx_toDyWX-EXZpCQK6vqCZejqywQbg3CcveDatxyf6XHf6QErVKUOiIB6Eyfv1128SO9hRB-Zsm7P1bU0TY85sqI5uYHi0uQEPqG1FOxbbWWO1Pnq-9K9QRlsKOIgDLcpXmmCdEBn_HtVQITVg4pIqZuOvpMprBURieT04cSzl6eZ4rhOiYcsBhH-cpVuXoDV5ImhUZMAkct4VQNBOwJS9wv_XeZ5r-9-7NcZ3jmEfNUNrjFR9dw5Wk49maBiRT1R0FMlyHzV23hvXzt2kSubnRFi8SB_FWFKMdsxJM4sJMAdS2p8VDGGozM4uAY_Iog0JPacih9_fK7aw5tkJ78DDkSRXYaf8oyXao-w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF35 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=3213070012999022&bg=!KimlKW3NAAZvV8FTb1c7ACkAdvg8WpxuaV18wjQDh-ytbc_i6l2WmkFgrKTNoN9aFghxKaqkslU7pgIAAABjUgAAABRoAQcKABzylPx3iZc9WMElWuDruWHYlL4yDOt4gtUqto_8mQKEsieAQ2rW8DAH00tmN1l16WAgyO38AsAF-hLOgw1Y6QDN5NF9AftLFrzbrc6IJ3__HGxknWv9XllaZdF_RP6NeDDIzouBaojrNVHLtUtt8R57-RfhSU-h2-WNrR_buRDi3UFyXzBcoZBXfqHcjIboQPLRqWSSzDfYvAlGpSivTg1969tkBvf8BuplJKpNBpXQ00t7TjjrYayLbtd0EYuQgTRwTdv74iC402oCqpW6sMNIUV3L1AKfYEoj_5bmT4f1ROJ2FdTVXtIBNAmmRbi8WB7Ghb5rGhFbydQaL9QRHoQl3Isl_mRqtLjk9UVM3yY7sHNoz1s0mXlfKPx3-rT8_gq0T5ZJKE85ugCpsp8e3p3ihln74srn_mNYKHk58i4Qxwd0Zsf2vIeFp4jGzC-aVg_44T2ntf5t7uXvkm_h0CbMsGwWLob2P_O6rkCf6UfGsy2xhcoei2QUSFakQDb9dbWpmm9YmLCtmmroVT1aUzU2Vj0aE9swytmnouhozwOrmibbSkcdzbWC06YpwOOEryhtbSS0-29lGvxflGZuK_NzxrkToL3R8cLC_po38HYRVCW0wrDn8H5sE9H2eRLElmsYnAXKDZZ0NOKOfHOltC9RUuYUzbrlUbTFxe87LpxqUeTPveO613ptJYbEl8NL2tyQL7hrVCPa0bystveF_DSaSgxQN8kqwO8Tc-dY6fQzTiiyQqaCTjmBa5GS2D4QCEPvdvh7fSCoxl-5zPzwc2czoHk3HRShuPTJxwxKh7LupHGgrARb8-yc4o1btKLFn3EqiSJYhGmSSfmaJ3eHSjpBP-3cQ8KDLO5W_PrDisWMhMMUMXSIosh06mQuQgLiPldr2U4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dynamo.kiev.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIu6r2o8G98gIVOMa7CB0OowOBEAAYACD_reZDQhMI5t3go8G98gIVaoZ3Ch1E9w29;met=1;&timestamp=1629390687256;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 7CBE 42 B
515 B 108ms
56ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIu6r2o8G98gIVOMa7CB0OowOBEAAYACD_reZDQhMI5t3go8G98gIVaoZ3Ch1E9w29;met=1;&timestamp=1629390687256;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:31:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEBc38hvaSlYKxesC81eD_dU&google_cver=1&google_push=AYg5qPKzu4mnFTtkI580SxxH-LZt4zowlO04RzcncZTnGTXEWYlvRlcqbFu4mkFOeF0r6tC5JoEfxRdixaloU0EUalmpivlzTpA

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_cver=1&google_push=AYg5qPI_2pV6HO660ezrTTlP0eS87rGZ_1poBeoLevg4wtGfuWLNAhqtK1Z3L-P7kxTbJZs0th17bAQFR575JnfH-HYtwSdYzQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR6HVHUoEAJ5hLsJTDHt8QAABKMAAAIB&google_cver=1&google_gid=CAESEHshOuDMcpC7__yuI7vNHFc&google_push=AYg5qPK3JElJloEPcMPqCS1IgT_bnNOotxU94eGR7DYl8Un2WmoD3WbgD_4fE3QnlIBL-cMyuQLNpg6G1icAP2oadP_EXDPOpbB-

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Mraid Ready false
console-api	error	URL: http://dynamo.kiev.ua/(Line 5519) Message: Initialization error: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=a533dde650034ddf9f322c95df1db6aa&cet=4&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=997120df-3923-4fde-b61e-14a9e2562666&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=aba35822-afd4-43c4-9f24-a4bee16505f8&inst=ADS-EU-6&ts=637649874751819844&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=8BBE821D-6929-4CAD-8C60-6AE2360F3890&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=f353beea-63f4-4b64-a7bf-0ab651d293a8&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=822B2297-E3EC-45D7-AE43-6F9014855EEC&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=baf125cb-ed9e-4850-bfbc-9664d8241964&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=3165BF57-BD28-4874-A861-9403C76A3659&rule=8A706655-F96C-45CE-840A-CB9EB7D45A48&requestId=bece1061-d37e-48f4-9874-660d8feb8401&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=479266b9-1745-4789-b513-89984140ac17&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=66b34e43-881c-47da-8d09-3daa472a14a1&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=296B5670-49A2-42B8-BF85-3D039DA56B6A&rule=8056BFE3-20E9-4468-AEB2-D0CA3D97D64E&requestId=f05880e6-0d84-4379-a353-d3c83ea1f940&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event view https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=4&zone=348355AC-0BAB-4840-80B7-D6E34E44E130&rule=C6004C05-3D56-418F-B7BC-DAF1845CC5AD&requestId=72f13d57-abb8-4807-8780-b95fe9585ae5&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=a533dde650034ddf9f322c95df1db6aa&cet=9&zone=6F66D37E-5989-4E49-8E9B-1699CFCA899D&rule=F65818D0-964B-48DC-8DB7-9739FCA90279&requestId=997120df-3923-4fde-b61e-14a9e2562666&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=aba35822-afd4-43c4-9f24-a4bee16505f8&inst=ADS-EU-6&ts=637649874751819844&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=348355ac-0bab-4840-80b7-d6e34e44e130
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=371e73f5-9f85-4bf5-a811-87cda8e1dc6b
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=6f66d37e-5989-4e49-8e9b-1699cfca899d
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=752e7067-2ab4-4356-a9a8-56143c99ee21
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=8bbe821d-6929-4cad-8c60-6ae2360f3890
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=822b2297-e3ec-45d7-ae43-6f9014855eec
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=3165bf57-bd28-4874-a861-9403c76a3659
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=9&zone=45B41EFB-E90B-48C6-9279-355D175966F5&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=479266b9-1745-4789-b513-89984140ac17&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/ev_view.aspx?cc=NL%2FNH%2F2759794&am-uid=e4b56348d9514638bc3d8378dfdcd07c&cet=9&zone=5CB0175C-F2A1-4368-B48B-DAA798038BD2&rule=40DAA978-7301-47D6-99C1-F052796E4694&requestId=66b34e43-881c-47da-8d09-3daa472a14a1&hp=-1794277686&page=dynamo.kiev.ua%2F&pvid=6e6141fa-6fa0-4e82-91bd-1c4cd65d3846&inst=ADS-EU-6&ts=637649874751909937&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=45b41efb-e90b-48c6-9279-355d175966f5
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=5cb0175c-f2a1-4368-b48b-daa798038bd2
console-api	log	URL: http://cdn.admixer.net/scripts3/2da3a1f7c5b623b3c382.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=296b5670-49a2-42b8-bf85-3d039da56b6a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12241ba72f1cadbebe215006dc148a8d.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
ad.adriver.ru
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adservice.google.nl
adx.adform.net
ajax.googleapis.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bidswitch-eu.splicky.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.contentspread.net
cdn.trafficdok.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamo.kiev.ua
fonts.googleapis.com
fonts.gstatic.com
gagadget.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
inv-nets.admixer.net
ismatlab.com
m.trafmag.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prod-rtb.ad4mat.net
r.turn.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.tradetracker.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
sync.tidaltv.com
tags.mathtag.com
themes.googleusercontent.com
ti.tradetracker.net
tpc.googlesyndication.com
tr.blismedia.com
ua-content.adriver.ru
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
video2.magnet.kiev.ua
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.zenaps.com
x.bidswitch.net
z.cdn.trafficdok.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.111.242.245
138.201.63.164
138.201.84.244
142.250.181.230
142.250.184.226
142.250.185.194
142.250.186.98
146.0.227.110
148.251.139.77
151.101.194.49
169.50.137.190
18.194.125.59
18.197.2.221
18.197.47.23
185.184.8.65
185.29.132.246
185.29.134.244
185.33.220.243
185.86.137.122
188.34.190.35
188.42.196.115
193.0.160.129
193.200.65.6
193.239.68.97
194.247.175.26
195.206.238.120
195.206.238.150
195.206.238.20
195.209.108.37
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
213.227.149.183
216.58.212.130
2600:1901:0:76b9::
2600:9000:2190:f600:1a:7c92:efc0:93a1
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:aa7a
2606:4700::6810:7aaf
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9b
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:24:b001:6cd5:9d52:6dd6:6c58
3.126.56.137
31.28.167.67
34.247.122.211
34.96.105.8
35.186.253.211
35.190.0.66
35.244.159.8
37.157.4.40
37.157.6.246
46.4.10.47
52.213.253.90
52.59.115.28
54.36.108.3
66.155.71.149
69.173.144.165
84.16.240.93
85.114.159.118
88.212.201.204
0014a8628e795ff94e5d28b199d188366da8679b396757e5cc872957561345ef
00cad9aa25489d2031eb7aef51ed841f897e49310be617b14b48fcf4d906d3d5
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
03fa5c882e72e615179dd04be0a422d4c37a71a8c5a3bad03609a11b514212ad
04c3803e1c0b06730edd71c100252e947fc16c5a89227aa495442dc1c3355970
05b787d0da21cabc15baeb0e6de1bc4a2bdb1d0d10ce1800e4058e333e101329
05d6ada36b93b38fdc94de0d188c1be38759aef8376c757ab4d77be4b6d95cde
06a6e3cbe316a1d8d0cb8ab4d822ae8ff26c572fcd55f8b45bde9dab62d38ef0
07c7bb3189d22677dca36bd8990a1c71f5c2990752682ddb50cd50a1a525ccd7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bccd3bcce9ea545911e4e4c3605b70d765db2ae7c905ef02177b53e13deb737
0c7428a5368d1e1f867cd11d09ad58291afb94f287b671fb27803bc38e0928ac
0cb22a4e1b318a6c23baa711d0d2bcd71267ef3dd8e33b43fe91ec3475648651
0d24b76fcbb426a2b64f195f0abc1ed28586adcd3d53b33742c5255dd86c06ec
0d94f2e2229ac84f2fd70e7698826e3654b076fd80e8c797e72dc0a782bdaf3d
0e742061b7b95c780006ef36f592530945a422277247333be8a38e43a4fcd3ff
0eb266aad0b6eedff13ea2b3677ca4259a5629a3503c182aa137b6870466b807
1032682ae485621f8b00c3a942a01e6d6e9e7df45115fb9c08cce0f994bf5ade
1044a2d2d749c4044aeb1a23fcbe9bcc9d373f66791503593d91fb260c217f05
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
13feafcfc8a8db3c7cf089bb046bf3b9e6938a80434cdb6ce5db913b16707e7a
150ed51dfb3afae5c2f4617e7ede3e86b5c2da5f73856189982345f491c328b0
15d9e92ad2b1c3d7a0dd6988d4d787197c2c8b9c16ee2874da3ecdf43c99e181
16d1b9cbd716cc78592728adf7f741bdba2e0f7834d1b84f1451222b8ec86462
172c373df72bdd40c01ee490eb90ef2fe7a075b859bdb0a39c92fa4786ad94e8
1798a1e584e484d096db10a29783e5ff35d0f3a1ffbe5e3a9d2a5f57f7666b4e
199c6645a72f24059216d021778b4602a4b9892fa5d068e266a28b4e3d87c6f3
1b02d366e9e554d2dcc933eb048b1ef9545b9e614fe93e7a56f5e8b949f7217a
1b3bef701450b796e803e31f4f6ddabc221141e957c9a09fd0e1afc2e28fccdf
1b94247f3e2baaa9a8a062de0446ceac23b5f0dd12e005acdbda28fc554ab812
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e736902d8b319f63bc705c5d8a0673e31559639fafddb31b8b0bea85f981718
20837e5ff0650aa9f546e8b338df21849156aa07c12907a5a1cabdbfd7247121
20945bc99b4d16143ff9cb534d0459a0a0daef202d28973224dec2eb2a45c451
209a309513e175174b80ab2a79537a219f780ce2989c9b1455c634f7c8ca22e9
221b9da9d943d28b179cc428ef6a4526db15d2ee140a5b3d9bfe50a200121eda
252107cdbdacc81564de96d49995ea876f6619256292250c7bd9df385c2264f3
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28a4855b721e72c54d221f461a55f5e8ddc79cd337932df6cac7980de9a62f88
2969a8a19f7d23c6f67ab9cc9e0da46b111208e864e8b2572e133cb0c67f1214
2c554812d1e758ce5a7aff596d5fd1b4ff48afdf6ad2f8355eed198261cb923c
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d0d709374c96411328bfb43c9eabda9466ac51d3b0e195efa2a9badd3dfd7f6
2d24328d97b1db03c805527dccc25d795d527bb27887aa1c89e4e90e90634065
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f4faffda5a29748db5441d3dd9ba18a57b17bf7d95e7f8f9259689fb0db69cf
3128bd5ecf01816e59a23d54c57a7a6b14615b07db53ff277c77376010265b05
32150435e7483d330aede0098d0b1fc9d61d3a34e8f5358b08a736c3606560a5
32247523683039a015208bec17c20beccddfc2281d31083661666c8c2cd3ec06
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334033d698a958acf808075fc21a28659eded82daa90c20e45e34b5b2537f397
350fa9c2a785b663adc8330ab9b4f0b033bd8e8626ce1776a2825c2f2cc2b48a
3637c6e9880a123ca0f1df89d62e47d34cb9be456f345d611731736830137624
3788187f3f173638a102d4b80b9c05cc7477eb11587611e9473105ff7b3c211e
37941d2b1432f086358b059b7d64d9d30399858862f16ecda247d351258d4881
3b02fb712038660f6a953365e718456dd14686dfa562df6d772fc9713e32db50
3c711655f4879ba2f24540a5ef9426b3a6799376b0c2eb5e49e7acc8413decd5
3d77c3d756f6a9c0690dfdbb5db5b560c7a43cd0a7fb964bda76d6559fc18f28
3d9f04cbe6599ad92206814b3052aedafdc16546f8fed451330dbe6ba8bc9533
3e084365b8c06972b05bb7f7920e9a7a3a8688f52ceaadc55995521bd932f130
3e34492fff6966e0ded2d7e470f377734ba6bb2d43e344859853038af6d9a25a
401f1494fe91e393cdc5ce0877b387145cf5c4fad5a8fda0ec58d076739a9ab2
404b87597319d66de8682fa5a1568e08f078f01e4ec15b163f812e3fafd30942
4351f4867e6f3849a65e2a18237739b953d15284cc3e79c36c82c080e472777a
437bd91c1d1307d1d3d5c9c09d3ec1ea36685436b02890c53d85a006793b5be7
43972fc48215109a3cf57c94545d81497abd31ec33aa5935748489da98eea0b7
446900dce4d576e503d418d5557b3aee48920950b97fd52c09814dcf843ad610
44b3541d8c9c4d6f20d6bc81fcc22fa9450f48a6a4377b15301bb04d3e8945fc
44dce55b2f3630098b6a0b2046d6b9f65aa23510608448be466509f4994f6a00
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475218316d91f773a8adf0b01851fbec12427d3d7d39c1474fdc86122bd168fa
484e048a19f2d1d120d469e566c755d51c4d5336b9c46d8b6527a24d86aa0295
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4982372fbf7b48657a5534aff52529f126f49936ea492aaa53b4308c687c84bf
4a9b9d5bb1a2037e3f74407021658f97cb00560081a0820ddf0523e4174a44b4
4abfec0add66154f7a20f565a8a5d41654364fa81de4b0b375c3a8c67330eaf4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b65d247321388f4a244635e89734d23ddd0ba58413d383a2f793c8273ce85a3
4c4f4878360a93949cbf773ac6ac5df00d8624eab13c1903a2dd6ce72984227b
4d4e47b54747bf336a7d03b85326a04f7df56a924124a0b869b46111b27bf184
4dd4130fa2b5d85cd7ad946b6c3870d58a04279f2b14b2249ac16d0eaa4a641a
4de9266c522a99881e22118b28fb5e3659e5a0aa009f49832b93c6bdb7d10511
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d6b0424b6498e3263709d5c1ad917adcfcd1616d12e0a8d76a06966321d67
4f300d0799f69110cc1c1798e4ab6f5adf02f1b82020e350767d24c40cedefb4
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e881d1075d4c6bf072285c7edbc906643425108720dfd7a22a66713e78a9d7
52af586d9dc2f808b3ee4a93bf22e4c8e85f477ad1c291660aae1ca6d387a4f0
53c6d64604561a4a307fb3b74d187903a20cb1f6a7b42245aaa318f5803f478c
54bd5aece13dd6fc2b0c6aa62ed074d99d28f93f7564dd031545a1d93e6f49fa
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
597a1b128ddaea4b6a826f2c9d2626317efb1f7670b58f4de532f0c02c84a23b
5cda162b99a364a831afad4248df66c83cab5f60b90740e4e18483bffc326657
6100eca91d6e1c24b6b03a47c56d75e5cd5b00a8fdaa0f978ce70b663531275e
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
613cbf3e9249195cf0d74842dcb0fd29a16f59239b2994ea806d650f47b9cd12
61686615e341466c7d3cbcc992bad3ea8787ffa631f88fdd33a69a8fe9e0d7c9
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6226c802d800809388911724cb2866ef95a953f3b7d7724952eeb9c1a8c5010e
6287e31d7f75db73e7e80030621ee27901af0443a8fbfe0ca3f848cb03dd1e5e
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
6535531dadafc8f6007ac795e52019ffa0ad64d6b4d54db6360acc7c083a1d74
66a31c4266316ef767a4bff1f75fe8563ba9a4c40272daf07b13ce91f1077233
678d06c85f613b29bab7bab461daf8ae545cc9b5e6e0849b6ef071b031494ef1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
6ef6694526bb1b2ac522ca5ff99c0338850afd517f304b1de4dbe63efac8a0ae
6f06190a9eea6cc20582fa356d9c5607ad7cf43db99377fec129b190e88455aa
7082f3a1ab1816ca974c7b8baf15f6c57aead77d4894587d64e511882ee55b14
724b85d2225037fa105d8e07b27119480f21f68cb74ba298b841ed337cd8da1b
745f50aec35e5fb8fad46d0a46cdbfa9a6931d641ef72fec0151f60e1b269821
7466c425ec745183e05ffd580822e2df7acb736e4b012888990a81ffe0de632d
74a8ab213434825377631ff36d6153feffc0e62b0794b67c9a7ed6371d14fcf8
77d316c8043a3774a4a1bc997e66a0b1831704381548b8eb7b615c8b639ba287
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7aa978f16c3a830e2a59d13ec0e39dbb8e02f6700f402d98bcd0a05598b8a70f
7b4d4d0804fc70019f56a690c25e8c68b435050f32bb85645eb6c8a9db2f2756
7c59a7beda020a75d3f425fcb416af90e35262e1dd1598b229ba3968d139e9d8
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7c8b7bf3ef34cf4fac2b53d0ae3654a9a5e795e035a68d6784662296d298f9b7
7dc82ff0bb83a56217791ba200123129226d99ed95b3900888b238f1ea008983
7e9744959ddb0a3df5497d00e6de392a97ebedfa76d6fca4be894cdd3fc4dc28
80c34c6aee79bcd098096035a375086b502905b64fec1de8485818fcef92eaa4
83155da2af076779cb4a4c037f4be3d13d39b474a39b4ee05e42878a1451f2e1
835e9fa3c02a45ec17bfafa1c1c56cc200ca10a89272db36b25147ca440311d3
84cfe80cbf4ef91de23ab0e989a3a2cdf560497884587ed28d54f76157482202
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8a0894f5aaf596f3664b20cedcb9e9ce030f0dd54d69f46a4c94bf853b1e337b
8adc6eec51e8014b829a3b123862328c6f5664606536aa88248c04ba1ee85f05
8b95912e10acc46f5f4a88296d5ce833c0906262afc4448ee3af7b038c5a62f9
8c8a76d38a81e3e9005bbaed9a6660426c03d066ff88a47001f2d749270bc4e6
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8eeb5f3377ddddb0e03cdc1574b71c8730779256af87bfe0bea8ed6df131fadc
908fdcad42c1c71c866d31279ce83d645ede68d92463f82da9398ac23d059cab
914fa458362d7990d189b4879662799e8f6c435bd5cafa8984057344d20d6f8c
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93cfd03da1c6421843afe6319577a726851ddd53558995ba88fd91dae8902103
951bddc2ab1583eee8f4d77d9044c9c5b9081cb584b0a4ac3bb85d9a58e051eb
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96bc31dad93511cb788799c0fad76aaf3b9fc5855bf59a246b9e376958522404
96ed390d6f23cdc224aac2348b3a6db61ed51d173da81f4e911a6966e27bd03c
990cb8ca8afe9ba007c99216f8967e78141d4e437dbaabcd70891e9a748b550c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b04c768886d0bd0169a22e9d9084cf66dc8879babe4c44e61541940ded24061
9cc831490532009bae2b3ce0d39c62adfc889060beb421593bfd9d2396d0f10a
9da06ded639bbbda77a0b99f1bbe4af2e2fc1b7ff959680da43e38c27620a9b7
9dede4ed705f42e8b4dfec0c4932132d7e0bd215cbd591db77566176de24c935
9e07601af4f9b187cf75bd5451cbd1e7c13ad1b17f54c63118c270645c3bf057
9e58eb23b8d34146dd4b23ff9c371b62278c775222b7ece8a7c28be4141dbe1d
9fe50e39280b3bb056f2446ae348f26dff7d83a787036e95c1ab4bd805cf03b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2ccf98c9e5a9f18353ee5e845f6d56ff9595a51f44366cc219352c5dbee8b2b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6241aef2438e8bfeff5b1563cffa3d651739da2b6696ddee09986770d7a433c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a
a836c2023f627f18338381430c931e9a18a22ac2cac00bb9320a9b1e62ffe6ba
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2118bde0fe61115984d501eeb8142e35c81246745db9eb829e5c3481c37e66
ab177098c8c57fab5c6bc3b5dde2aea18d459ff6c09f94cbdaf1974bb077dcc5
ab6b2c6c46d0928ca186f28567dc85e2daf2549309a8ec100d995163a39baa82
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac1a913dcc95f175e5e87c6c6e6020e918ef043f58667137728b83bdb3d78496
ac946aca1da2553ef9e8d0184abbcd1f9d12d263898d7dfa552f6fde6a93f24f
ae3ee2c41158bfc0e92f0490a35ddaec2eb6e52c7701b42c6c1567c9de1063c5
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b0fa118fc19e0ea6425d6c31149f9974ffffde5f5d4661d5d96f85d65d9d0f9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c6a85e087cd9d51bdb74c7cd922665ba2b8cc5da07cd0e49f29bb6ef48dda
b1de40891c11d79bf163929246bd07d9674bd5d45def3e494999ee980597bcb6
b218dddc76f73dcfe7037df4b4137e436c833be749b76c64773e31a9545751d2
b27e7baa05ec47804575804ad818668ab791dc4bb3e130b2339a3574477b7475
b5d143b11f43b2bf417d0ebcebb502a9d83ed1b967b4be26b9b0e534911590c2
b68f6c83fd99a02b396da98fb9a1112b328f10858e4c910f1484061045db59a3
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b9f1657e92caab56934ef106d6b7a0fda66486a3467cda1c8c03a3d8722c45dd
ba7410275f7a284d77019e31244ef5a1f02bfc30c5690ba31f7ec9cc75af5c27
bcab5e4caecc02b44fb476c9c7c4a743e105401532994c64bf9c198fbd7b0ca4
c00115da47a9a2822d819c2c13a8311e053508d429c1e32d7753893fc4781c30
c18ce067343c84afaa3729213315946397b66fc07702952e6ca044d655e96805
c3608675638c9ef92ebfd5f2a24dd34efad9106d33848bf8c7a5098ad753ef73
c374507317ba322a3db297f46fdf667abcd2d8f56197da6f1cf1e659e61b838d
c68d5d46195ea04f1f331d4d7291e4506ca9edc817b095bddecaf655a112be20
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
c848e6182708d30b761b303a3f2097098520d01b000a130eb7df3a96c7f31d10
c93d9c732c3e656f970936cb309f688721599a1e5d750279fadf3ca0fb292c81
caae3cca7abf35ee3a61a44711a2c704bf36bc779d05f29e728eced9c1950ab5
cbd689dba070d6391d14a2d68ea9c22daec63a4324184a98723f88413c616844
cdea454724c45ad926434ca19806637461a5de4bcea8e092ddca7db571dc3a18
ce406c370bc0157fefcf5c5bcf8a49d92742398ade8ff768ff20b5b813bd1f64
ce66a8694cfe9f62d1951b749b0d22c4988c1d93cf83386ad2d63aaf0e7502e2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3a73184cdb3ffbbb08f64fae22ecfbbc55e5eef672b78ad0045fc5709ae4058
d52e181f46fce3de01823cc23c23bad4016aba88ad12b4bba4841cfd12fad7c5
d58fde3663123b6315343430dad5ab8d9ffa6d62c7520f6fb5c4c0bb7fed9b16
d685f4d0cf33927e59a63178390af1226c2b18ae2e32dd759d521a32d9219f88
d82652907e4bac8318c0fa574645fda913602cb39063afe12947539f28073bf6
d9013b82315c33912ea3b5bdf9b3b19d91a3d010a42bfbd193621b867c016afb
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
d9c0c3e85c6295e5353777a2989538dba3911ed55b196cfe4e6681c90f85335c
da493df9f8dc6a697f2dccf4cc64e5d5edd5445ea7033c0364f492848c195095
db3673c6962fb0c9462cca8763b5c5c5d1fc6d52a8618c728bf92f2b16e32829
db6dd4c8d548276dea74617cf8b239f0c5e64719c3d42c254b2b968f43ad381b
dc095111c4e77408c17a759350475a765a6bfcc3e8c6de47473433a736f1380a
dd42860af2e0ef10161df8c08a1f5737c84cc8f5adc3c6ae3b5064aedb44756e
dd5fb9d26236d1318518587b39b2d39500b894a76499df1331b5826551a76863
de4fac8fb451a16780c8fc59110604551133939ed8506f9262752c9c694896f6
e0e496819d1228fed644028bb74be285d41013ea819a45b6dfb57be0a29cf6a8
e165a8287ac6e993976e0f981ce0196e76bd28cc4daaabcb96a19cfe50629e3e
e1aceed4cf4123952a2a570991180739fa6f3e6d01eebb8c0624a1d05b1c3cbf
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e25d1000bb9416fcfa4523a1ff9c5b9bf2e80e6ff321a90bec894edf2d0ca32c
e2f02f34765f57754e2503f10d7f8936a759abe34b4c087f163ccee94597989e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a810324bd2222c6e525e48401b464b092c0dac0456efe3cc5e639381fe3b4
e4e00ee8ee2a71f474720f75726ec887a80d4af4f742e90f38dbf5fe0a2b0804
e566775700e2c37624877d5f3c4d8baaa70627bfcff30c8f7bb3fe754c36ba84
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59498ff950418bc1fd339aa191bafb81a74ec94d640c8b45940e44ee9051aa4
e6571b99b98aef2eb857c2791a7eef70a72acc2e81f6a6eb7a8390c9e966e006
e6ecc3beb03f58388cb5a5329040fb1b97ef3a36af6bb499a8fe5d5e4ceb182a
e93a337e45ca5023a0a579c53c1551331d50ca1a8240f223615d8047ef2c296a
eca7aa12672056dfcacdde314f5b5c2f1346d6ed97a2376deecd17780fb9fbb7
ecfb8b0439da5fdccf9c2256c0ee89ab13534176f55f2f5553037296960cee0c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4c46de8b89124e73c15f69a9f8701dc97c753e8d4da2b0b4213e29db5bdde5
efb294012ce5a020cea43f3e82bb67df1fce7c700fbdea1f839cfd7418b87054
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efc21afbba198218d0a5d17500c337a32d34441d6c9606c3a775fd53b22c42a6
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f35e9a74fbe13330e7d2fa458e3a9fb7e4281f80af3db6bd1d81edc959bde7ac
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5895d8277e704aa7255eab9359fc37a650f1da0423fdafadc97016a91b20572
f6174ef17180718a4e0c3f3c60e6b8eb205faf1494bbe7ab29756d9d8c5df599

dynamo.kiev.ua Open in urlscan Pro 195.206.238.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

473 Requests

89 %HTTPS

40 %IPv6

63 Domains

93 Subdomains

67 IPs

12 Countries

6233 kBTransfer

10909 kBSize

0 Cookies

15 Outgoing links

Redirected requests

473 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

dynamo.kiev.ua Open in urlscan Pro
195.206.238.20 Public Scan

Screenshot
Live screenshot

Full Image

473
Requests

89 %
HTTPS

40 %
IPv6

63
Domains

93
Subdomains

67
IPs

12
Countries

6233 kB
Transfer

10909 kB
Size

0
Cookies

473 HTTP transactions
7 data transactions