www.ukr.net Open in urlscan Pro
212.42.76.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On November 20 via manual (November 20th 2021, 7:53:12 pm UTC) from UA — Scanned from DE

Summary HTTP 250 Redirects Links 331 Behaviour Indicators

Summary

This website contacted 63 IPs in 12 countries across 44 domains to perform 250 HTTP transactions. The main IP is 212.42.76.253, located in Ukraine and belongs to UKRNET Kiev, Ukraine, UA. The main domain is www.ukr.net.
TLS certificate: Issued by Thawte RSA CA 2018 on March 31st 2021. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	212.42.76.253 212.42.76.253	8856 (UKRNET Kiev) (UKRNET Kiev)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
23	212.42.76.247 212.42.76.247	8856 (UKRNET Kiev) (UKRNET Kiev)
2	212.42.76.248 212.42.76.248	8856 (UKRNET Kiev) (UKRNET Kiev)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:3471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 11	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
7	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1	77.120.100.148 77.120.100.148	25229 (VOLIA-AS) (VOLIA-AS)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
4	212.42.83.135 212.42.83.135	8856 (UKRNET Kiev) (UKRNET Kiev)
3	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	178.128.142.14 178.128.142.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	195.214.195.100 195.214.195.100	8856 (UKRNET Kiev) (UKRNET Kiev)
3	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	52.31.83.126 52.31.83.126	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2602:803:c002... 2602:803:c002:200::42	26667 (RUBICONPR...) (RUBICONPROJECT)
1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
26	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	195.191.235.70 195.191.235.70	208566 (ROZETKA-AS) (ROZETKA-AS)
1	193.200.64.15 193.200.64.15	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.156 54.36.109.156	16276 (OVH) (OVH)
250	63

10 212.42.76.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv253.fwdcdn.com

www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 212.42.76.247 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv247.fwdcdn.com

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.76.248 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv248.fwdcdn.com

zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.120.100.148 (Simferopol, Ukraine)

ASN25229 (VOLIA-AS, UA)
PTR: 148.100.120.77.colo.static.dcvolia.com

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

kinoafisha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.142.14 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.214.195.100 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.83.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 195.191.235.70 (Warsaw, Poland)

ASN208566 (ROZETKA-AS, PL)
PTR: cs01.trafmag.com

cs01.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.15 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: affiliates.rozetka.com.ua

afl.rozetka.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.156 (France)

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	321 KB
29	ukr.net 4 redirects www.ukr.net zakladki.ukr.net accounts.ukr.net mail.ukr.net counter.ukr.net	340 KB
28	2mdn.net s0.2mdn.net	263 KB
23	fwdcdn.com upst.fwdcdn.com	385 KB
22	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	281 KB
13	trafmag.com trafmag.com cs01.trafmag.com	67 KB
10	adtelligent.com player.adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com sync.adtelligent.com Failed	37 KB
8	sinoptik.ua pinformer.sinoptik.ua	46 KB
6	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	101 KB
6	rcvlink.com go.rcvlink.com st11.rcvlink.com	30 KB
5	googletagservices.com www.googletagservices.com	182 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	1 KB
4	rubiconproject.com fastlane.rubiconproject.com	5 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
4	kinoafisha.ua kinoafisha.ua	141 KB
3	360yield.com ice.360yield.com	2 KB
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	google.de adservice.google.de www.google.de	1 KB
2	criteo.net static.criteo.net	54 KB
2	adnxs.com ib.adnxs.com	9 KB
2	e-planning.net 1 redirects pbjs.e-planning.net	902 B
2	adform.net adx.adform.net	406 B
2	adtcdn.com player.adtcdn.com	124 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	id5-sync.com id5-sync.com	529 B
1	googleapis.com fonts.googleapis.com	1 KB
1	rozetka.com.ua afl.rozetka.com.ua	407 B
1	hybrid.ai dm.hybrid.ai	238 B
1	znctrack.net s.znctrack.net	450 B
1	casalemedia.com htlb.casalemedia.com	330 B
1	betweendigital.com ads.betweendigital.com	907 B
1	admixer.net inv-nets.admixer.net	501 B
1	pubmatic.com hbopenbid.pubmatic.com	114 B
1	lijit.com ap.lijit.com	741 B
1	openx.net adtelligent-d.openx.net	589 B
1	a-mo.net prebid.a-mo.net	168 B
1	creativecdn.com prebid-eu.creativecdn.com	173 B
1	loadercdn.net loadercdn.net	171 B
1	recreativ.ru recreativ.ru	238 B
1	mgid.com servicer.mgid.com	3 KB
1	phoenix-widget.com api.phoenix-widget.com	4 KB
1	mixadvert.com m.mixadvert.com	495 B
1	adpartner.pro a4p.adpartner.pro	878 B
1	googletagmanager.com www.googletagmanager.com	36 KB
250	44

	Domain	Requested by
28	s0.2mdn.net	www.ukr.net s0.2mdn.net
26	tpc.googlesyndication.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com tpc.googlesyndication.com www.ukr.net
23	upst.fwdcdn.com	www.ukr.net pinformer.sinoptik.ua upst.fwdcdn.com
13	pagead2.googlesyndication.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net www.googletagservices.com
11	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
11	securepubads.g.doubleclick.net	www.ukr.net securepubads.g.doubleclick.net 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com www.googletagservices.com
10	cs01.trafmag.com	trafmag.com 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
10	www.ukr.net	1 redirects www.ukr.net pinformer.sinoptik.ua upst.fwdcdn.com
8	pinformer.sinoptik.ua	upst.fwdcdn.com pinformer.sinoptik.ua
6	googleads.g.doubleclick.net	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com www.ukr.net
6	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
5	www.googletagservices.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
5	go.rcvlink.com	www.ukr.net go.rcvlink.com
4	googleads4.g.doubleclick.net	www.ukr.net
4	fastlane.rubiconproject.com	player.adtcdn.com
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	kinoafisha.ua	upst.fwdcdn.com kinoafisha.ua
3	ice.360yield.com	player.adtcdn.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	trafmag.com	upst.fwdcdn.com 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
2	mug.criteo.com	www.ukr.net
2	gum.criteo.com	1 redirects
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	encrypted-tbn3.gstatic.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
2	ib.adnxs.com	player.adtcdn.com
2	pbjs.e-planning.net	1 redirects www.ukr.net
2	script.4dex.io	player.adtcdn.com script.4dex.io
2	adx.adform.net	player.adtcdn.com
2	www.google.com	1 redirects www.ukr.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	zakladki.ukr.net	www.ukr.net
1	id5-sync.com	player.adtcdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
1	www.gstatic.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
1	fonts.googleapis.com	2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
1	afl.rozetka.com.ua	trafmag.com
1	dm.hybrid.ai	www.ukr.net
1	s.znctrack.net	www.ukr.net
1	htlb.casalemedia.com	player.adtcdn.com
1	ads.betweendigital.com	player.adtcdn.com
1	ghb1.adtelligent.com	player.adtcdn.com
1	inv-nets.admixer.net	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	hbopenbid.pubmatic.com	player.adtcdn.com
1	ap.lijit.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	prebid.a-mo.net	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	mp.4dex.io	player.adtcdn.com
1	www.google.de	www.ukr.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	loadercdn.net	www.ukr.net
1	st11.rcvlink.com	www.ukr.net
1	recreativ.ru	go.rcvlink.com
1	servicer.mgid.com	upst.fwdcdn.com
1	api.phoenix-widget.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	a4p.adpartner.pro	upst.fwdcdn.com
1	www.googletagmanager.com	www.ukr.net
0	sync.adtelligent.com Failed	player.adtelligent.com www.ukr.net
250	67

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
tvgid.ua
kinoafisha.ua
www.booking.com
rozetka.com.ua
kasta.ua
www.citrus.ua
makeup.com.ua
z.cdn.adpool.bet
auto.ria.com
rst.ua
ab.ua
atlanticexpress.com.ua
vidi-automarket.com.ua
suzuki.ua
osago.avtosale.ua
avtosale.ua
lassa.in.ua
sailun.in.ua
exist.ua
autoamerica.com.ua
nissan-ask.com.ua
niko-centre.kiev.ua
dom.ria.com
lun.ua
nerukhomi.ua
1realty.ua
flatfy.ua
med-magazin.ua
www.lissod.com.ua
medpravda.ua
ailas.com.ua
bit.ly
yamaguchi-ukraine.com.ua
healthyway.com.ua
medtour.help
us-medica.ua
www.lampa.ua
shop.agromat.ua
electrica-shop.com.ua
e27.com.ua
sex-shop.ua
work.ua
grc.ua
learning.ua
optima.school
slav.in.ua
buki.com.ua
www.otpusk.com
www.tui.ua
ski.coraltravel.ua
panoramadeluxe.com
www.hotelscombined.com
proizd.ua
anga.ua
www.rbc.ua
vv-hotel.com
www.accordtour.com
onona.ua
hvosting.ua
nic.ua
www.besthosting.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
www.europe-stomatolog-centre.com.ua
nv.ua
zn.ua
www.slovoidilo.ua
novyny.live
news.u24.ua
news.obozrevatel.com
gordonua.com
rubryka.com
ua.news
hvylya.net
tsn.ua
day.kyiv.ua
kiev.segodnya.ua
golos.ua
www.unn.com.ua
lenta.ua
vsviti.com.ua
ukranews.com
sprotyv.info
bykvu.com
newsyou.info
4studio.com.ua
newsru.co.il
34.ua
toneto.net
bigkyiv.com.ua
kyiv.ukrainianwall.com
svidok.online
nezavisim.tv
www.bagnet.org
itechua.com
litgazeta.com.ua
hromadske.ua
cursorinfo.co.il
ampercar.com
autotheme.info
avtodream.org
betauth.com
www.footboom.com
football24.ua
www.ua-football.com
changeua.com
ukrhealth.net
sport.politeka.net
life.fakty.com.ua
realist.online
mind.ua
ua.interfax.com.ua
dw.com
suspilne.media
novosti-n.org
vlasti.net
censor.net
trends.24tv.ua
www.growhow.in.ua
kriminal.tv
sport.24tv.ua
dilo.net.ua
mega-music.pro
wona.com.ua
nashamama.com
apostrophe.ua
rezina.cc
autoshini.com
pokraska.diskservice.com.ua
transshina.com.ua
shinadiski.com.ua
kiaparts.com.ua
www.zapchast.com.ua
teslaone.com.ua
ukrshina.com.ua
goldnomer.com
www.aks.ua
panama.ua
diaton.ua
artpotolok.kiev.ua
filtry.in.ua
lascala.ua
www.m-stelya.com.ua
flowers.ua
isex.com.ua
buketland.com.ua
amurchik.ua
love-toys.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
trafmag.com
answear.ua
biznes-bez-paperu.com.ua
promo.vbetua.com
phoenix-widget.com
click.phoenix-widget.com
mgid.com
www.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net

Subject Issuer	Validity	Valid
*.ukr.net Thawte RSA CA 2018	`2021-03-31` - `2022-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.fwdcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-01` - `2022-12-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2021-10-01` - `2022-10-01`	a year	crt.sh
adpartner.pro R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
m.mixadvert.com R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2021-11-01` - `2022-12-01`	a year	crt.sh
kinoafisha.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-25` - `2022-11-24`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
phoenix-widget.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.recreativ.ru Thawte RSA CA 2018	`2021-08-23` - `2022-09-06`	a year	crt.sh
player.adtelligent.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
loadercdn.net R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-12` - `2022-01-10`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
afl.rozetka.com.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-25` - `2022-11-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.ukr.net/
Frame ID: D9FA8EC4601F643A2A1255DBA71F188E
Requests: 98 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 916AC5B9367BA8DC8622BF2480A4BBF3
Requests: 9 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: DFC94C12F4CB00329A5D4D4A01366B88
Requests: 7 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Frame ID: 1071BBB4B1E234BB3AE0DF1FBB394D88
Requests: 13 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
Frame ID: 585546B13D723B723F68405BC4959D8B
Requests: 5 HTTP requests in this frame

Frame: https://www.ukr.net/dat/covid19.html
Frame ID: B16D9BCBDBA633D4F12265834936EF76
Requests: 3 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD57B264D890BB27BA0472B0EF6EACBE
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.ukr.net/a056962f-7c51-474c-b541-64183710d161
Frame ID: D1A57E4E4E1F216CA211B8876EE8F1B2
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5ac6b46-4480-4e24-b9a0-135118eef41f
Frame ID: 335E96EDFF0036889BC64B6271C8B3CA
Requests: 1 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7F5A0E5D14DF960163A320DC48FB7C44
Requests: 20 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF30530FEA4E22DEF8E809742741C5BF
Requests: 16 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85C26BC973FD841E10926CBDE04C7A22
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNXUP7jPhDCJFgS1tmwLptexRiM_-iIsDCl3afSffC1KmKIWUCtxAP3ZzVwxE4OpWfn8uLgEhPYjGYwHq6kR09gHUZv8Tg
Frame ID: 143825995AAD34C51B8550B2F63FFB0E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8B64C3D5AB4EE1AC1DDB46294A2B355
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
Frame ID: 3AC4F326331723962E820DC51DE73776
Requests: 13 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 094AEDBDFA84CDB4912509A0FE06B33A
Requests: 13 HTTP requests in this frame

Frame: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2831D3E0AA5139CB2B19FEADF9E13E5F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWio2M8YUzBAAeDt6yotUbmiWDuYAQzPL9wmxnkESJ3Js--jS_ftaIy87bgMi680WBBWGb8Do-EIkp40nEpqlfCXJ-N1g
Frame ID: E7D925DAAA5F513A73F0C4EB03F1A9E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html
Frame ID: 997A3A7BB2E69590ACF1EE7954A3FEED
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DB2006818F2C3D205EA5F9A650C02142
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E30B0410C27D76D2AB3B2F32E9AEF8D2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
Frame ID: F0684A6F58E3E572B79F058D364D664F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://www.ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Page Statistics

250
Requests

98 %
HTTPS

41 %
IPv6

44
Domains

67
Subdomains

63
IPs

12
Countries

2515 kB
Transfer

6608 kB
Size

44
Cookies

331 Outgoing links

These are links going to different origins than the main page.

URL: https://ua.sinoptik.ua/
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://tvgid.ua/
Title: ТВ-гiд

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/ua/?utm_source=ukr.net&utm_medium=link&utm_campaign=izbranoe
Title: Кіноафіша

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://kasta.ua/?utm_campaign=190108_link_new_audience_cac_main_izbrannoe&utm_medium=cpc&utm_source=ukrnet
Title: Kasta

Search URL Search Domain Scan URL

URL: https://www.citrus.ua/actions/black-friday?utm_source=ukrnet&utm_medium=cpc&utm_campaign=211115_links-general-BlackFriday_2021
Title: Цитрус

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/?utm_source=ukr.net&utm_medium=izbrannoe
Title: MakeUp

Search URL Search Domain Scan URL

URL: https://z.cdn.adpool.bet/go?z=1818442473
Title: Parimatch

Search URL Search Domain Scan URL

URL: https://auto.ria.com/uk/?utm_source=ukrnet&utm_medium=link_clikukrnet&utm_campaign=favorites&r_audience=partners_buyers&r_source=ukrnet&r_medium=link_clikukrnet&r_campaign=favorites
Title: AUTO.RIA - Перевірено людьми

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: http://ab.ua/?utm_source=ukr.net&utm_medium=text&utm_campaign=ukr.net_
Title: AvtoBazar - машини та гроші

Search URL Search Domain Scan URL

URL: http://atlanticexpress.com.ua/?utm_source=ukr_net&utm_medium=url_top&utm_campaign=auto_us_ukr_net&utm_term=avto_iz_ssha&utm_content=atlantic_express_1
Title: Авто з США

Search URL Search Domain Scan URL

URL: https://vidi-automarket.com.ua/ua/catalog
Title: Авто з пробігом - ціни знижено!

Search URL Search Domain Scan URL

URL: https://suzuki.ua/car/1/vitara?utm_source=ukr.net&utm_medium=cpc&utm_content=link&utm_term=&utm_campaign=novdec_media
Title: Suzuki VITARA - від 476 900 грн.

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/uk/insurance/osago
Title: Автоцивілка онлайн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Avtosale - авто за кращою ціною

Search URL Search Domain Scan URL

URL: https://lassa.in.ua/?utm_source=UKR.NET&utm_medium=LINK-LEVO&utm_campaign=LASSA_zima
Title: LASSA - надійні зимові шини

Search URL Search Domain Scan URL

URL: https://sailun.in.ua/?utm_source=UKR.NET&utm_medium=LINK-LEVO&utm_campaign=SAILUN_zima
Title: Шини SAILUN визнані Європою

Search URL Search Domain Scan URL

URL: https://exist.ua/?utm_source=ukrnet&utm_medium=banner&utm_campaign=favorites
Title: EXIST.ua автотовари та сервіси

Search URL Search Domain Scan URL

URL: https://autoamerica.com.ua/?utm_source=ukr_net&utm_medium=url_fav&utm_campaign=ukr_net_ppc_40
Title: Авто з Америки - 40%

Search URL Search Domain Scan URL

URL: https://nissan-ask.com.ua/ua/auto_models/x-trail/description/?utm_source=ukr.net&utm_medium=link&utm_campaign=636850&utm_id=Xtrail#price-specifications
Title: Nissan X-Trail від 636 850 грн

Search URL Search Domain Scan URL

URL: https://niko-centre.kiev.ua/offers/new-vehicles-offers/eclipse-cross-discount-november?utm_source=ukr.net&utm_medium=link&utm_campaign=-100000&utm_id=Eclipse
Title: Eclipse Cross вигода до 100000

Search URL Search Domain Scan URL

URL: https://auto.ria.com/uk/newauto/?utm_source=ukrnet&utm_medium=clikukrnet&utm_campaign=new_auto_favorites&r_audience=partners_buyers&r_source=ukr.net&r_medium=clikukrnet&r_campaign=new_auto_favorites
Title: AUTO.RIA - Продаж Нових авто

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/?utm_source=ukrnet&utm_medium=clikukrnet&utm_campaign=favorites&r_audience=partners_buyers&r_source=ukrnet&r_medium=clikukrnet&r_campaign=favorites
Title: DOM.RIA - Ділись правдою

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://nerukhomi.ua/ukr/novostrojki-kiiv/?utm_source=ukr.net&utm_medium=newbuilds&utm_campaign=secrets_zhk
Title: НЕРУХОМІ - слово експерта!

Search URL Search Domain Scan URL

URL: http://1realty.ua/
Title: Вся нерухомість Одеси

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://www.lissod.com.ua/?f=ukr.net
Title: Lisod лікування раку

Search URL Search Domain Scan URL

URL: https://medpravda.ua/ua
Title: Медправда - зроблено лікарями

Search URL Search Domain Scan URL

URL: https://ailas.com.ua/garnyj-zir-na-vse-jyttya.html?utm_source=ukr-net-garnyj-zir-na-vse-jyttja-lending&utm_medium=link&utm_campaign=garnyj-zir-na-vse-jyttja
Title: Гарний зір на все життя

Search URL Search Domain Scan URL

URL: https://ailas.com.ua/ubrat-kataraktu.html?utm_source=ukr-net-hirurgija-katarakty-lending&utm_medium=link&utm_campaign=udalenie-katarakty
Title: Очі, як у молоді роки

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://yamaguchi-ukraine.com.ua/
Title: Магазин масажного обладнання

Search URL Search Domain Scan URL

URL: https://healthyway.com.ua/uk/deficit-jodu-modna-tema-chi-realna-problema/
Title: Як уникнути дефіциту йоду?

Search URL Search Domain Scan URL

URL: https://healthyway.com.ua/uk/karantin-naslidki-dlya-organizmu/
Title: Карантин та наш імунітет

Search URL Search Domain Scan URL

URL: https://medtour.help/ru/postkovidnaya-reabilitacziya-lechenie-posledstvij-koronavirusnoj-infekczii/?utm_source=ukr.net&utm_medium=cpc
Title: Відновлення після covid-19

Search URL Search Domain Scan URL

URL: https://us-medica.ua/catalog/massage-tables
Title: Масажні столи і кушетки

Search URL Search Domain Scan URL

URL: https://www.lampa.ua/?utm_source=ukr.net&utm_medium=referral&utm_campaign=shop
Title: Lampa.ua: люстри, світильники

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: https://shop.agromat.ua/
Title: АГРОМАТ - плитка, сантехніка

Search URL Search Domain Scan URL

URL: https://electrica-shop.com.ua/?utm_source=ukr_net_link_sidebar&utm_medium=link_main&utm_campaign=main_link_site
Title: Електрика-ШОП–електротовари

Search URL Search Domain Scan URL

URL: https://e27.com.ua/ua?utm_source=ukr.net&utm_medium=links&utm_campaign=shop
Title: Магазин світла E27.UA

Search URL Search Domain Scan URL

URL: https://sex-shop.ua/
Title: Секс-шоп замовити анонімно

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://learning.ua/?utm_source=ukrnet&utm_medium=clikukrnet&utm_campaign=favorites
Title: Learning.ua - математика

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://slav.in.ua/
Title: Славутич професійне навчання

Search URL Search Domain Scan URL

URL: https://buki.com.ua/?utm_source=ukr_net&utm_medium=banner&utm_campaign=promo
Title: Buki - репетитори України

Search URL Search Domain Scan URL

URL: http://www.otpusk.com/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.com

Search URL Search Domain Scan URL

URL: https://www.tui.ua/?utm_source=ukrnet&utm_medium=favorites&utm_campaign=Travel
Title: ТОП подорожі лише на TUI.ua

Search URL Search Domain Scan URL

URL: https://www.tui.ua/zatui-sobi-lito-2022/?utm_source=ukrnet&utm_medium=favorites&utm_campaign=zatui_rb2022
Title: Затуй собі літо 2022

Search URL Search Domain Scan URL

URL: https://ski.coraltravel.ua/
Title: Гірськолижний відпочинок

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання готелів

Search URL Search Domain Scan URL

URL: https://panoramadeluxe.com/
Title: Готель Panorama De Luxe

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com/?a_aid=143217
Title: Порівняння цін на готелі

Search URL Search Domain Scan URL

URL: https://proizd.ua/ua
Title: Залізничні квитки - proizd.ua

Search URL Search Domain Scan URL

URL: http://anga.ua/
Title: Тури та екскурсії по Україні

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/travel/vostochnaya-skazka-butik-oteli-atmosfera-1632156915.html?fbclid=IwAR3HYsJgd-38BkrD0NpTguhrQojbhlg2spRjHQpJyRQ66Knnmdk6NMs5NrI
Title: Казковий Самарканд

Search URL Search Domain Scan URL

URL: http://vv-hotel.com/
Title: Готель в Карпатах, Вежа

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/
Title: Автобусні тури до Європи

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/categorys/3/
Title: Парфумерія

Search URL Search Domain Scan URL

URL: http://onona.ua/
Title: Знайомства OnOna.ua

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury/turechchyna
Title: Автобусні тури в Турцію

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/
Title: Хостинг, VPS, оренда сервера

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/ukraina_pokhody_v_gory/ukraina
Title: Активні тури – гори, лижі

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Верховний Суд

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/1513372/8c26c0fd-c9dc-48ec-8ad4-188f41a4efc2?data=eyJjcmVhdGVkX2F0IjoxNjM3NDM3OTg1LCJzaG93X2lkIjoiOGMyNmMwZmQtYzlkYy00OGVjLThhZDQtMTg4ZjQxYTRlZmMyIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjE1MTMzNzIsImRhdGFfc291cmNlIjoiYXBwLWpzdS1wbC0wMTp0aXplcl9hZCIsInBsYXRmb3JtX2lkIjoxLCJvc19pZCI6NSwiYnJvd3Nlcl9pZCI6MSwiY3VzdG9tZXJfaWQiOiIwZGJmOGFjMi0zNzllLTQyZmQtOTEyNC1jNjY4YTA0NGZlNDYiLCJyZWdpb25faWQiOjg2LCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=e96caf22b7c61cc1243fa7f455d16350

Search URL Search Domain Scan URL

URL: https://www.europe-stomatolog-centre.com.ua/
Title: <img src="https://upst.fwdcdn.com/temp/blocks/4/5373/head.2.jpg" alt=""/>

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/bond-25?utm_source=ukr.net&utm_medium=informer&utm_campaign=007%3A+%D0%9D%D0%B5+%D0%B2%D1%80%D0%B5%D0%BC%D1%8F+%D1%83%D0%BC%D0%B8%D1%80%D0%B0%D1%82%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/copshop?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A5%D0%BE%D1%80%D0%BE%D1%88%D0%B8%D0%B9%2C+%D0%BF%D0%BB%D0%BE%D1%85%D0%BE%D0%B9%2C+%D0%BA%D0%BE%D0%BF
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/agnec?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%90%D0%B3%D0%BD%D0%B5%D1%86
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/e-zavetnoe-jelanie?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%95%D1%91+%D0%B7%D0%B0%D0%B2%D0%B5%D1%82%D0%BD%D0%BE%D0%B5+%D0%B6%D0%B5%D0%BB%D0%B0%D0%BD%D0%B8%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oleni-roga?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9D%D0%B5%D0%BD%D0%B0%D1%81%D1%8B%D1%82%D0%BD%D1%8B%D0%B9
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/moi-sn?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%BE%D0%B9+%D1%81%D1%8B%D0%BD
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/hronika?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A5%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/plohoi-sosed?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BB%D0%BE%D1%85%D0%BE%D0%B9+%D1%81%D0%BE%D1%81%D0%B5%D0%B4
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/plohie-parni-3?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BB%D0%BE%D1%85%D0%B8%D0%B5+%D0%BF%D0%B0%D1%80%D0%BD%D0%B8+%D0%BD%D0%B0%D0%B2%D1%81%D0%B5%D0%B3%D0%B4%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/instrukciya-po-vospitaniua-majorov?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F+%D0%BF%D0%BE+%D0%B2%D0%BE%D1%81%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D1%8E+%D0%BC%D0%B0%D0%B6%D0%BE%D1%80%D0%BE%D0%B2
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/celovek-kotori-prodal-svoua-koju?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA%2C+%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B9+%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%BB+%D1%81%D0%B2%D0%BE%D1%8E+%D0%BA%D0%BE%D0%B6%D1%83
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/venom-2?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B5%D0%BD%D0%BE%D0%BC+2%3A+%D0%9A%D0%B0%D1%80%D0%BD%D0%B0%D0%B6
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ron-s-gone-wrong?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D1%82%D0%BE-%D1%82%D0%BE+%D0%BD%D0%B5+%D1%82%D0%B0%D0%BA+%D1%81+%D0%A0%D0%BE%D0%BD%D0%BE%D0%BC
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/poslednyaya-iz-nas?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8F%D1%8F+%D0%B8%D0%B7+%D0%BD%D0%B0%D1%81
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/vse-kotiki-luisa-ueina?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D0%BE%D1%88%D0%B0%D1%87%D1%8C%D0%B8+%D0%BC%D0%B8%D1%80%D1%8B+%D0%9B%D1%83%D0%B8%D1%81%D0%B0+%D0%A3%D1%8D%D0%B9%D0%BD%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/ohotniki-za-privideniami?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D1%85%D0%BE%D1%82%D0%BD%D0%B8%D0%BA%D0%B8+%D0%B7%D0%B0+%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%D0%BC%D0%B8%3A+%D0%A1+%D1%82%D0%BE%D0%B3%D0%BE+%D1%81%D0%B2%D0%B5%D1%82%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/djentlmen?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D0%B6%D0%B5%D0%BD%D1%82%D0%BB%D1%8C%D0%BC%D0%B5%D0%BD%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/duana?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%94%D1%8E%D0%BD%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/vecsne?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%92%D0%B5%D1%87%D0%BD%D1%8B%D0%B5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/osnovnoy-instinkt?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%BD%D0%BE%D0%B9+%D0%B8%D0%BD%D1%81%D1%82%D0%B8%D0%BD%D0%BA%D1%82
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/francuzskii-vestnik-ot-liberti-kanzas-ivning-san?utm_source=ukr.net&utm_medium=informer&utm_campaign=%22%D0%A4%D1%80%D0%B0%D0%BD%D1%86%D1%83%D0%B7%D1%81%D0%BA%D0%B8%D0%B9+%D0%B2%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%22+%D0%BE%D1%82+%22%D0%9B%D0%B8%D0%B1%D0%B5%D1%80%D1%82%D0%B8%2C+%D0%9A%D0%B0%D0%BD%D0%B7%D0%B0%D1%81+%D0%B8%D0%B2%D0%BD%D0%B8%D0%BD%D0%B3+%D1%81%D0%B0%D0%BD%22
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kriptozoopark?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9A%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B7%D0%BE%D0%BE%D0%BF%D0%B0%D1%80%D0%BA
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pamyat2021?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%B0%D0%BC%D1%8F%D1%82%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5203&utm_source=ukr.net&utm_medium=Renault_Logan_mcv&utm_campaign=informers&CarCommercial=2
Title: 411 800 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5204&utm_source=ukr.net&utm_medium=Renault_Sandero&utm_campaign=informers&CarCommercial=2
Title: 309 400 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 368 200 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 805 311 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 1 249 559 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 372 000 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 096 200 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=1747&utm_source=ukr.net&utm_medium=Ford_Transit_connect&utm_campaign=informers&CarCommercial=2
Title: 681 714 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 399 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=947&utm_source=ukr.net&utm_medium=Hyundai_Tucson&utm_campaign=informers&CarCommercial=2
Title: 666 700 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1872&modelId=32725&utm_source=ukr.net&utm_medium=Mazda_Cx_5&utm_campaign=informers&CarCommercial=2
Title: 801 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=1766&utm_source=ukr.net&utm_medium=Ford_Fiesta&utm_campaign=informers&CarCommercial=2
Title: 475 113 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 701 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=956&utm_source=ukr.net&utm_medium=Hyundai_I30&utm_campaign=informers&CarCommercial=2
Title: 474 000 грн

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/world/geopolitics/u-ssha-sturbovani-cherez-diji-rosiji-shchodo-ukrajini-ta-ritoriku-moskvi-blinken-ostanni-novini-50197242.html
Title: США стурбовані через військову активність Росії на кордоні з Україною і риторику Москви — Блінкен

Search URL Search Domain Scan URL

URL: https://zn.ua/POLITICS/prezident-bolharii-podstavil-pod-udar-otnoshenija-s-ukrainoj-mid.html
Title: Президент Болгарии подставил под удар отношения с Украиной — МИД

Search URL Search Domain Scan URL

URL: https://www.slovoidilo.ua/2021/11/20/novyna/polityka/ukrayina-domovylasya-ssha-shhodo-postachannya-vuhillya
Title: Україна домовилася зі США щодо постачання вугілля

Search URL Search Domain Scan URL

URL: https://novyny.live/politics/situatsiia-napriazhennaia-shmygal-otsenil-veroiatnost-vtorzheniia-rossii-v-ukrainu-24727.html
Title: "Ситуація напружена": Шмигаль оцінив ймовірність вторгнення Росії в Україну

Search URL Search Domain Scan URL

URL: https://news.u24.ua/vlast-news/14371-peregovory-putina-i-baydena-ozvuchen-prognoz-chego-zhdat-ukraine
Title: Переговоры Путина и Байдена: озвучен прогноз, чего ждать Украине

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/styler/butusov-uvolennyh-vsu-razvedchikah-zanimalis-1637433526.html
Title: Бутусов об уволенных из ВСУ разведчиках: занимались операцией по ликвидации Гиви и Захарченко

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/politics/poroshenko-na-konferentsii-v-galifakse-prizval-zapad-predostavit-ukraine-pdch-v-2022-godu.htm
Title: Порошенко на конференции в Галифаксе призвал Запад предоставить Украине ПДЧ в 2022 году

Search URL Search Domain Scan URL

URL: https://gordonua.com/news/politics/sokolova-nichego-novogo-ne-soobshchila-opublikovav-otchet-razvedki-ob-operacii-po-vagnerovcam-arestovich-1582393.html
Title: Соколова ничего нового не сообщила, опубликовав отчет разведки об операции по вагнеровцам – Арестович

Search URL Search Domain Scan URL

URL: https://rubryka.com/2021/11/20/ssha-dopomozhut-sporudyty-na-aes-ukrayiny-14-novyh-energoblokiv/
Title: США допоможуть спорудити на АЕС України 14 нових енергоблоків

Search URL Search Domain Scan URL

URL: https://ua.news/ua/belarus-vozobnovyt-postavky-elektroenergyy-v-ukraynu/
Title: Білорусь відновить постачання електроенергії в Україну

Search URL Search Domain Scan URL

URL: https://hvylya.net/news/242057-v-ukraine-vyrosli-ceny-na-slivochnoe-maslo-i-sahar
Title: В Украине выросли цены на сливочное масло и сахар

Search URL Search Domain Scan URL

URL: https://tsn.ua/ukrayina/tranzit-gazu-z-rosiyi-shmigal-zayaviv-scho-ukrayina-hoche-prodovzhiti-kontrakt-sche-na-15-rokiv-1914145.html
Title: Транзит газу з Росії: Шмигаль заявив, що Україна хоче продовжити контракт ще на 15 років

Search URL Search Domain Scan URL

URL: https://day.kyiv.ua/uk/news/201121-dostupni-kvytky-na-vsi-poyizdy-novogo-grafika-ukrzaliznyci
Title: Доступні квитки на всі поїзди нового графіка «Укрзалізниці»

Search URL Search Domain Scan URL

URL: https://kiev.segodnya.ua/kiev/kaccidents/napal-na-pochtovoe-otdelenie-v-kieve-muzhchine-vynesli-strogiy-prigovor-foto-1586209.html
Title: Напал на почтовое отделение в Киеве: мужчине вынесли строгий приговор (фото)

Search URL Search Domain Scan URL

URL: https://golos.ua/news/v-harkove-pod-mostom-nashly-trup-foto-vydeo
Title: В Харькове под мостом нашли труп (ФОТО, ВИДЕО)

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/1953230-u-karyeri-na-odnomu-z-prospektiv-kharkova-znayshli-vbitogo-cholovika-osobu-vstanovlyuyut
Title: У кар'єрі на одному з проспектів Харкова знайшли вбитого чоловіка: особу встановлюють

Search URL Search Domain Scan URL

URL: https://internetua.com/zi-skladu-u-smili-cserez-internet-nezakonno-torguvali-importnim-alkogolem
Title: Зі складу у Смілі через інтернет незаконно торгували імпортним алкоголем

Search URL Search Domain Scan URL

URL: https://lenta.ua/v-odesse-politseyskie-predotvratili-zakaznoe-ubiystvo-biznesmena-111563/
Title: В Одессе полицейские предотвратили заказное убийство бизнесмена

Search URL Search Domain Scan URL

URL: https://vsviti.com.ua/news/132819
Title: Буде вітряно і почне сипати мокрий сніг: синоптики дали прогноз на найближчі три доби

Search URL Search Domain Scan URL

URL: https://ukranews.com/news/815706-evrosoyuz-dlya-ukraintsev-zakrylsya-ne-polnostyu-v-kakie-strany-eshhe-mozhno-poletet-i-usloviya
Title: Евросоюз для украинцев закрылся не полностью. В какие страны еще можно полететь и условия

Search URL Search Domain Scan URL

URL: https://ua.news/ua/gruzyya-deportyrovala-ukraynskyh-pravozashhytnykov/
Title: Грузія депортувала українських правозахисників

Search URL Search Domain Scan URL

URL: https://sprotyv.info/news/ukrainski-prikordonniki-otrimali-novi-francuzki-gelikopteri-n-125
Title: Українські прикордонники отримали нові французькі гелікоптери Н-125

Search URL Search Domain Scan URL

URL: https://tsn.ua/video/video-novini/u-kiyevi-vidbuvayetsya-mizhnarodniy-festival-prisvyacheniy-bogdanu-stupci.html
Title: У Києві відбувається міжнародний фестиваль, присвячений Богдану Ступці

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/u-niderlandskomu-zooparku-tvaryny-zarazylysia-koronavirusom/
Title: У нідерландському зоопарку тварини заразилися коронавірусом

Search URL Search Domain Scan URL

URL: https://newsyou.info/shmygal-rasskazal-kak-poluchit-i-vospolzovatsya-tysyachej-za-vakcinaciyu
Title: Шмыгаль рассказал, как получить и воспользоваться тысячей за вакцинацию

Search URL Search Domain Scan URL

URL: https://4studio.com.ua/koronavirus/na-lvivshhyni-zafiksuvaly-1017-novyh-vypadkiv-covid-19-2/
Title: На Львівщині зафіксували 1017 нових випадків Covid-19

Search URL Search Domain Scan URL

URL: https://newsru.co.il/health/20nov2021/minzdrav819.html
Title: Коронавирус в Израиле: более 5270 зараженных, более 130 из них в тяжелом состоянии

Search URL Search Domain Scan URL

URL: https://34.ua/ru/v-dnepropetrovskoj-oblasti-uzhe-900-tysyach-vakcinirovannyh_n131592
Title: В Днепропетровской области уже 900 тысяч вакцинированных

Search URL Search Domain Scan URL

URL: https://golos.ua/news/sylnym-vetrom-v-kyeve-s-doma-sorvalo-chast-kryshy-metallom-zadelo-avtomobyly-foto-vydeo
Title: Сильным ветром в Киеве с дома сорвало часть крыши: металлом задело автомобили (ФОТО, ВИДЕО)

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/v-kieve-iz-posilok-izyali-biven-i-zubi-givotnih
Title: В Киеве из посылок изъяли бивень и зубы животных

Search URL Search Domain Scan URL

URL: https://bigkyiv.com.ua/mystecztvo-yak-protest-u-novomu-art-prostori-muzeyu-majdanu-vidkrylas-persha-vystavka/
Title: Мистецтво як протест. У новому арт-просторі Музею Майдану відкрилась перша виставка

Search URL Search Domain Scan URL

URL: https://kyiv.ukrainianwall.com/81305-nabirayte-u-vidra-i-taziki-ukrajinciv-obraduvali-vidklyuchennyam-vodi-v-nayblizhchi-dni-nazvani-dati-i-adresi
Title: Жителей Киева предупредили об отключениях воды

Search URL Search Domain Scan URL

URL: http://svidok.online/u-ky-yevi-na-mostu-patona-vodij-vidkry-v-strilyany-nu/
Title: У Києві на мосту Патона водій відкрив стрілянину

Search URL Search Domain Scan URL

URL: https://nezavisim.tv/news/10220.html
Title: США начнут полноценно использовать гиперзвуковое оружие в армии уже с 2023 года

Search URL Search Domain Scan URL

URL: https://internetua.com/sprava-ne-u-fortnite-vidannya-bloomberg-nazvalo-spravjnua-pricsinu-sudu-mij-epic-games-ta-apple
Title: Справа не у Fortnite: видання Bloomberg назвало справжню причину суду між Epic Games та Apple

Search URL Search Domain Scan URL

URL: https://www.bagnet.org/news/tech/1323033/it-spetsialisty-rasskazali-kak-obnaruzhit-skrytuyu-kameru-s-pomoshchyu-smartfona
Title: IT-специалисты рассказали, как обнаружить скрытую камеру с помощью смартфона

Search URL Search Domain Scan URL

URL: https://itechua.com/internet/158448
Title: Стало відомо, чому телефон перезавантажується і що з цим робити

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/svitovyi-defitsyt-chipiv-protrymaietsia-do-2022-roku-analityk-jpmorgan/
Title: Світовий дефіцит чіпів протримається до 2022 року, – аналітик JPMorgan

Search URL Search Domain Scan URL

URL: https://litgazeta.com.ua/news/nova-versiia-istoryka-tarasa-chukhliba-literu-i-v-ukrainsku-movu-vviv-polskyj-kniaz/
Title: Нова версія історика Тараса Чухліба: літеру «Ї» в українську мову ввів польський князь

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/1953229-ne-mav-zubiv-vcheni-viyavili-noviy-vid-dinozavra-reshtki-yakogo-znayshli-u-braziliyi
Title: Не мав зубів: вчені виявили новий вид динозавра, рештки якого знайшли у Бразилії

Search URL Search Domain Scan URL

URL: https://hromadske.ua/posts/ukrayina-ta-kanada-zbuduyut-kosmichnij-puskovij-majdanchik-kosmichni-agentstva-krayin-pidpisali-zayavu-pro-partnerstvo
Title: Україна та Канада збудують космічний пусковий майданчик. Космічні агентства країн підписали заяву про партнерство

Search URL Search Domain Scan URL

URL: https://toneto.net/news/tehnologii/SpaceX-skoro-pobyot-rekord-po-kolichestvu-zapuskov-raket-v-kosmos-za-god
Title: SpaceX скоро побьёт рекорд по количеству запусков ракет в космос за год

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/world-news/uchenye-vyyasnili-chto-proishodit-s-ischezayushhej-koroj-zemli/
Title: Ученые выяснили, что происходит с исчезающей корой Земли

Search URL Search Domain Scan URL

URL: https://newsyou.info/bmw-zapuskaet-proizvodstvo-novyx-x3-x4
Title: BMW запускает производство новых X3, X4

Search URL Search Domain Scan URL

URL: https://internetua.com/elektrokar-porshe-taycan-gts-polucsil-rekordnuua-dlya-kompanii-avtonomnost
Title: Электрокар Porshe Taycan GTS получил рекордную для компании автономность

Search URL Search Domain Scan URL

URL: https://ampercar.com/nazvano-vydy-palyva-yaki-najchastishe-pidroblyayut-na-azs
Title: Названо види палива, які найчастіше підробляють на АЗС

Search URL Search Domain Scan URL

URL: https://autotheme.info/news/153977-v-ukraine-nachnut-vydavat-nomernye-znaki-s-immunitetom-ot-shtrafov.html
Title: В Украине начнут выдавать номерные знаки с «иммунитетом» от штрафов

Search URL Search Domain Scan URL

URL: https://avtodream.org/vse-novosti/novinki/43336-geely-provela-bolshoe-obnovlenie-krossovera-coolray.html
Title: Geely провела большое обновление кроссовера Coolray

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/sport/box/artem-dalakyan-chempionskij-boj-rezultat-boksa.htm
Title: Непобедимый украинский боксер выиграл нокаутом чемпионский бой

Search URL Search Domain Scan URL

URL: https://betauth.com/prognoz/2531-verona-empoli-prognoz-na-match-22112021.html
Title: Верона — Эмполи. Прогноз на матч 22.11.2021

Search URL Search Domain Scan URL

URL: https://www.footboom.com/ukrainian/high/1637436785-davide-possancini-de-dzerbi-ochen-emocionalen-pechalno-chto-on-poluchil-krasnuyu-kartochku.html?utm_source=ukr.net.news&utm_medium=cpc
Title: Давиде Поссанцини: "Де Дзерби очень эмоционален. Печально, что он получил красную карточку"

Search URL Search Domain Scan URL

URL: https://football24.ua/manchester_yunayted_sklikav_ekstrene_zasidannya_pravlinnya__horoshi_novini_dlya_zidana_n696285/
Title: Манчестер Юнайтед скликав екстрене засідання правління – хороші новини для Зідана

Search URL Search Domain Scan URL

URL: https://www.ua-football.com/foreign/spain/1637436593-primera-atletiko-osasuna-1-0-vymuchili.html?utm_source=ukrnet&utm_medium=cpc&utm_campaign=runewsukrnet
Title: Примера. Атлетико - Осасуна 1:0. Вымучили

Search URL Search Domain Scan URL

URL: http://svidok.online/fahivtsi-nazvaly-osnovni-oznaky-hvoroby-rejno/
Title: Фахівці назвали основні ознаки хвороби Рейно

Search URL Search Domain Scan URL

URL: https://changeua.com/news/kakie-tri-veshhi-garantirovanno-izmenyat-vash-nochnoy-otdyih-v-luchshuyu-storonu/
Title: Какие три вещи гарантированно изменят ваш ночной отдых в лучшую сторону

Search URL Search Domain Scan URL

URL: https://ukrhealth.net/shist-sposobiv-dopomozhut-unyknuty-popadannya-mikroplastyku-v-organizm3252/
Title: Шість способів допоможуть уникнути попадання мікропластику в організм

Search URL Search Domain Scan URL

URL: https://golos.ua/news/kakye-produkty-snyzhayut-vospalenye-v-organyzme-posle-30-let-otvet-ekspertov
Title: Какие продукты снижают воспаление в организме после 30 лет: ответ экспертов

Search URL Search Domain Scan URL

URL: https://toneto.net/news/krasota-zdorove-sport/m--sta-dolayut-d--abet-----ki--v-dolucha--tsya-do-m--gnarodno---programi-dlya-borotbi-z-tsukrovim-d--abetom
Title: Київ долучається до міжнародної програми для боротьби з цукровим діабетом

Search URL Search Domain Scan URL

URL: https://sport.politeka.net/355460-mishina-ogoroshila-dramatichnymi-kadrami-iz-horvatskogo-seriala-gde-sygrala-glavnuyu-rol-intriguet
Title: Ксения Мишина показала драматичное видео из хорватского сериала, где сыграла главную роль

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/gnuchkist-i-rekord-divchynka-z-gipermobilnistyu-suglobiv-vrazyla-suddiv-ukrayina-maye-talant/
Title: Гнучкість і рекорд: дівчинка з гіпермобільністю суглобів вразила суддів Україна має талант

Search URL Search Domain Scan URL

URL: https://newsyou.info/ce-pravda-vi-fanati-ne-vpiznali-sheron-stoun-u-rozstebnutij-bluzci
Title: «Це правда ви?»: фанати не впізнали Шерон Стоун у розстебнутій блузці

Search URL Search Domain Scan URL

URL: https://realist.online/news/zhenikh-anny-trincher-rassekretil-stoimost-koltsa-eto-cartier
Title: Жених Анны Тринчер рассекретил стоимость кольца - это Cartier

Search URL Search Domain Scan URL

URL: https://mind.ua/news/20233455
Title: Біллі Айліш випускатиме веганський «молочний» шоколад

Search URL Search Domain Scan URL

URL: https://ua.interfax.com.ua/news/general/781093.html
Title: Особистий лікар Саакашвілі рекомендує направити його на тривалу реабілітацію до цивільної клініки

Search URL Search Domain Scan URL

URL: https://golos.ua/news/v-paryzhe-vozle-opery-proyzoshel-masshtabnyj-pozhar-foto
Title: В Париже возле оперы произошел масштабный пожар (ФОТО)

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/abroad/v-estonii-nachali-stroit-stenu-na-granitse-s-rf-a-v-finlyandii-zadumalis-ob-ugroze-foto.htm
Title: В Эстонии начали строить "стену" на границе с РФ, а в Финляндии задумались об угрозе. Фото

Search URL Search Domain Scan URL

URL: https://dw.com/p/43IYW?maca=ukr-rss-ukrnet-ukr-all-3816-xml
Title: Білорусь змінила тактику щодо мігрантів на кордоні - міноборони Польщі

Search URL Search Domain Scan URL

URL: https://suspilne.media/182584-spikeru-senatu-polsi-prislali-posilku-z-vibuhivkou-ta-pogrozami/
Title: Спікеру Сенату Польщі прислали посилку з вибухівкою та погрозами

Search URL Search Domain Scan URL

URL: https://newsyou.info/stado-nosorogov-probezhalos-po-trasse-i-raspugalo-voditelej-brodyat-kak-u-sebya-doma
Title: Стадо носорогов пробежалось по трассе и распугало водителей: бродят, как у себя дома

Search URL Search Domain Scan URL

URL: https://novosti-n.org/ukraine/Podborka-zabavnih-viskazivanyj-o-detyah-y-rodytelyah-FOTO--281613
Title: Подборка забавных высказываний о детях и родителях (ФОТО)

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/bilja-san-diiego-inkasatori-zagubili-mishki-z-groshima-chim-ce-zakinchilosja/
Title: Біля Сан-Дієго інкасатори загубили мішки з грошима: чим це закінчилося

Search URL Search Domain Scan URL

URL: https://toneto.net/news/samoe-neobcsnoe-i-kreativnoe/slishkom-progorlivogo-klienta-vignali-iz--restorana-so--shvedskim-stolom
Title: Слишком прожорливого жителя Китая выгнали из ресторана со шведским столом

Search URL Search Domain Scan URL

URL: http://vlasti.net/news/335340
Title: В Калифорнии автотрассу засыпало долларовыми купюрами

Search URL Search Domain Scan URL

URL: https://censor.net/ru/photo_news/3300684/povrejdeny_jilye_doma_ukrainskaya_storona_stskk_pokazala_posledstviya_vcherashnih_obstrelov_voyiskami
Title: Повреждены жилые дома, - украинская сторона СЦКК показала последствия вчерашних обстрелов войсками РФ Екатериновки и Новозвановки. ФОТОрепортаж

Search URL Search Domain Scan URL

URL: https://trends.24tv.ua/harkovi-stvorili-gigantskiy-hot-dog-vstanovleno-rekord_n1799800
Title: У Харкові створили гігантський хот-дог: встановлено рекорд

Search URL Search Domain Scan URL

URL: https://rubryka.com/2021/11/20/glava-dart-pochala-vizyt-na-luganshhynu-ta-rozpovila-pro-svoyu-poyizdku-na-donechchynu/
Title: Глава ДАРТ почала візит на Луганщину та розповіла про свою поїздку на Донеччину

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/1953227-bureviy-povaliv-dereva-na-chernigivschini-zablokovano-kilka-tras
Title: Буревій повалив дерева на Чернігівщині: заблоковано кілька трас

Search URL Search Domain Scan URL

URL: http://svidok.online/na-pivnichny-h-shy-lah-gory-pip-ivan-u-karpatah-vy-palo-do-metra-snigu-foto/
Title: На північних схилах гори Піп Іван у Карпатах випало до метра снігу (фото)

Search URL Search Domain Scan URL

URL: https://internetua.com/v-die-poyavilsya-sertifikat-dlya-perebolevshih-covid-19-kak-ego-polucsit
Title: В "Дие" появился сертификат для переболевших COVID-19: как его получить

Search URL Search Domain Scan URL

URL: https://www.growhow.in.ua/naukovtsi-z-iasuvaly-morkva-potrebuie-menshe-azotnykh-dobryv/
Title: Науковці з’ясували: морква потребує менше азотних добрив

Search URL Search Domain Scan URL

URL: https://kriminal.tv/news/ukrainskim_razvedchikam_prichastnym_k_spetsoperatsii_po_vagnerovtsah_ne_dali_ohranu_oni_v_opasnosti_nardep_video.html
Title: Украинским разведчикам, причастным к спецоперации по "вагнеровцах", не дали охрану, они в опасности, – нардеп (видео)

Search URL Search Domain Scan URL

URL: https://sport.24tv.ua/nestrimniy-forvard-dovbik-za-dvi-hvilini-oformiv-dubl-vorota_n1799788
Title: Довбик за дві хвилини оформив дубль у ворота Олександрії: відео голів

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/sport/sport/ukraina-zavoevala-rekordnuyu-medal-chempionata-mira-po-karate.htm
Title: Украина с историческим рекордом завоевала медаль чемпионата мира по каратэ

Search URL Search Domain Scan URL

URL: https://dilo.net.ua/novyny/foto-dnya-avtomobil-pobeda-u-lvovi/
Title: Фото дня: автомобіль “Победа” у Львові

Search URL Search Domain Scan URL

URL: https://mega-music.pro/tak-vzhe-ne-nosyat-5-osinno-zymovyh-antytrendiv/
Title: Так вже не носять: 5 осінньо-зимових антитрендів

Search URL Search Domain Scan URL

URL: https://wona.com.ua/modnyj-chorno-bilyj-manikyur-na-zymu-2021-2022
Title: Модний чорно-білий манікюр на зиму 2021-2022

Search URL Search Domain Scan URL

URL: http://nashamama.com/imunitet/50296zmicnyuemo-imunitet-voseni-za-dopomogoyu-chayu.html
Title: Зміцнюємо імунітет восени за допомогою чаю

Search URL Search Domain Scan URL

URL: https://apostrophe.ua/news/250392
Title: Сильные молитвы в День памяти Собора Архистратига Михаила

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: https://pokraska.diskservice.com.ua/
Title: Фарбування автодисків

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто, диски

Search URL Search Domain Scan URL

URL: https://lassa.in.ua/?utm_source=UKR.NET&utm_medium=LINK-PRAVO&utm_campaign=LASSA_zima
Title: Зимові шини LASSA

Search URL Search Domain Scan URL

URL: https://sailun.in.ua/?utm_source=UKR.NET&utm_medium=LINK-PRAVO&utm_campaign=SAILUN_zima
Title: Sailun - зимові шини

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Автоцивілка онлайн

Search URL Search Domain Scan URL

URL: https://kiaparts.com.ua/service/contacts
Title: Запчастини SsangYong

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Пошук запчастин

Search URL Search Domain Scan URL

URL: https://teslaone.com.ua/
Title: Tesla з США та Європи

Search URL Search Domain Scan URL

URL: http://avtosale.ua/add_car/
Title: Продати авто

Search URL Search Domain Scan URL

URL: https://ukrshina.com.ua/shiny/zimnie/nokian%20ukrshina.com.ua
Title: Зимові шини NOKIAN

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Renault_niko_megapolis-1305/
Title: Renault НІКО Київ

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан Київ

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Ford_niko_megapolis-1303/
Title: Ford Київ

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті Київ

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: Хонда Київ

Search URL Search Domain Scan URL

URL: http://goldnomer.com/vip?utm_source=ukr.net
Title: Золоті номери 77777

Search URL Search Domain Scan URL

URL: http://www.aks.ua/
Title: Аксесуари, запчастини

Search URL Search Domain Scan URL

URL: https://panama.ua/categorys/76271/
Title: Іграшки

Search URL Search Domain Scan URL

URL: https://panama.ua/categorys/77413/
Title: Дитяче взуття

Search URL Search Domain Scan URL

URL: https://panama.ua/categorys/76454/
Title: Канцтовари дітям

Search URL Search Domain Scan URL

URL: https://panama.ua/categorys/76341/
Title: Дитячий одяг

Search URL Search Domain Scan URL

URL: https://panama.ua/categorys/76311/
Title: Гігієна малюка

Search URL Search Domain Scan URL

URL: https://www.lampa.ua/?utm_source=ukr.net&utm_medium=referral&utm_campaign=lyustry
Title: Люстри, світильники

Search URL Search Domain Scan URL

URL: https://diaton.ua/ua/katalog-plivok.html
Title: Плівки - Diaton Studio

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: https://filtry.in.ua/
Title: Фільтри для води Київ

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://www.m-stelya.com.ua/
Title: Натяжні стелі

Search URL Search Domain Scan URL

URL: https://e27.com.ua/ua?utm_source=ukr.net&utm_medium=links&utm_campaign=dom_interier
Title: E27: освітлення в дім

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiти

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/avtobusni_tury_plyazh_i_more
Title: Тури, відпочинки на морі

Search URL Search Domain Scan URL

URL: http://isex.com.ua/?utm_source=ukr.net&utm_medium=link&utm_campaign=podarki
Title: Секс шоп

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: https://amurchik.ua/?utm_source=ukrnet&utm_medium=cpm&utm_campaign=pod_intim_igr
Title: Інтимні іграшки -50%

Search URL Search Domain Scan URL

URL: https://love-toys.com.ua/seks-igrushki/
Title: Секс шоп Love toys

Search URL Search Domain Scan URL

URL: https://sex-shop.ua/catalog/seksi_beljo
Title: Еротична білизна

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/
Title: Косметика

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/ukrayina_rehulyarni_tury/ukrayina
Title: Тури по Україні

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NjAzfDEzODcyfDEzNi4yNDMuMTk4LjgxfDQ5Mzc0OHwxNjM3NDM3OTg1fDk3ZTcwOGU2N2IwMWE3OTNhZTAwYmM1Yzk5Y2QxNWQzfDMzMw==&vid=1988134374332056

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTk2fDEzODcyfDEzNi4yNDMuMTk4LjgxfDU4MTU5NjYyfDE2Mzc0Mzc5ODV8YmNiOWQ2OGEzYjdiZDdiNTEyYTA2ZWVhNGQxYzU0NDZ8MzMz&vid=1988134374332056&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTk2fDEzODcyfDEzNi4yNDMuMTk4LjgxfDU4MTUzMjA0fDE2Mzc0Mzc5ODV8ZTA4NWViNDVhNmYzMmJiZmY0NzE5NTY1NTRlZmM5NDV8MzMz&vid=1988134374332056&pstcnt=4_0
Title: 2999 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTk2fDEzODcyfDEzNi4yNDMuMTk4LjgxfDU4MTUzMjAyfDE2Mzc0Mzc5ODV8MzM5NTI3OWUzMjQ5NGQyYjA3YTRjNzM4M2FmOTlkZjN8MzMz&vid=1988134374332056&pstcnt=4_0
Title: 2699 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NTk2fDEzODcyfDEzNi4yNDMuMTk4LjgxfDU4MTU5NjY0fDE2Mzc0Mzc5ODV8ZmM2ODU0YWNiYTY2ZmM2YThhNjY2MTI0ODhhMTFiZDV8MzMz&vid=1988134374332056&pstcnt=4_0
Title: от 4 499 грн

Search URL Search Domain Scan URL

URL: http://makeup.com.ua/?utm_source=ukr.net&utm_medium=banner&utm_content=header&utm_campaign=makeup_prime_block

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/776865/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 240 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/598073/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 14 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/182877/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 80 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/244689/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 70 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/191195/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 81 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/819358/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 23 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/297779/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 154 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/741249/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 140 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/309899/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 61 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/498235/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 82 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/70337/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 95 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/91251/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 51 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/760940/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 67 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/194727/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 56 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/159015/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 135 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/910506/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 55 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/618955/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 64 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/10029/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 128 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/145825/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 125 грн

Search URL Search Domain Scan URL

URL: https://makeup.com.ua/product/178663/?utm_source=ukr.net&utm_medium=banner&utm_campaign=makeup_prime_block
Title: 63 грн

Search URL Search Domain Scan URL

URL: https://answear.ua/s/black-friday?utm_medium=display&utm_source=ukr.net&utm_campaign=black_friday_112021&utm_term=300x150
Title: <img src="https://upst.fwdcdn.com/temp/blocks/2/5368/head.1.jpg" alt=""/>

Search URL Search Domain Scan URL

URL: https://biznes-bez-paperu.com.ua/?utm_source=ukr.net&utm_medium=referral&utm_campaign=biznes-bez-paperu
Title: <img src="https://upst.fwdcdn.com/temp/blocks/2/5363/head.2.jpg" alt=""/>

Search URL Search Domain Scan URL

URL: https://promo.vbetua.com/uk/welcome-offer-sport?utm_campaign=November_2021&utm_source=UkrNet-banner_block&utm_medium=CPM&utm_content=Sport_Welcome&btag=514392_l141815
Title: <img src="https://upst.fwdcdn.com/temp/blocks/2/5383/head.2.jpg" alt=""/>

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d1cnNlc2ludG91ci5jb20vd29ybGQvdW5pa2FsbnlqLXBveG9kLXBvLWdydXppaS1zdmFuZXRpeWEvMTIyNDI4My8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj02MDExYzk2NjY0ZTViMTc2NGQzN2VlYzkmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOGE4MmZiNTg0YTQxZDczNmY1ZjkzNCIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5CYW5uZXJSYW5kb20iLCJ3aWRnZXRfaWQiOiI2MDhhN2NiYjk4MjdiN2JmNDI0ZDQ1NTAiLCJpZCI6IjYxOGE4MmZiNTg0YTQxZDczNmY1ZjkzNCIsImNhbXBhaWduX2lkIjoiNjAxMWM5NjY2NGU1YjE3NjRkMzdlZWM5IiwiaGFzaF9pZCI6ImQyNTYxNjFmMmNkYjNhNTA1OWFlNjc0YjNiMjdhYTM1IiwidGltZXN0YW1wIjoiMjAyMS0xMS0yMCAxOTo1MzowNi40OTM1MjAiLCJ1c2VyX2lkIjoiNm42aXExc3FrbGtyb3J5NnQifQ.EPoW9fOeNDjTECI8CVNG7QodAXBJPkL7d21SjXwKLeI

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2l0bmV0LmNvbS51YS92LXBvbHNoZS0yMi1sZXRuaWotc3R1ZGVudC1pei11a3JhaW55LXZ5cGFsLWl6LW9rbmEtb2JzaGhlemhpdGl5YS1pLXJhemJpbHN5YS8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZGQ2ODk0YTRmMzJmZTU2ZmFiYzQzNWImdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxN2E2N2IyMjdhMDFjODNkZTVlMmQxZSIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTdhNjdiMjI3YTAxYzgzZGU1ZTJkMWUiLCJjYW1wYWlnbl9pZCI6IjVkZDY4OTRhNGYzMmZlNTZmYWJjNDM1YiIsImhhc2hfaWQiOiIyNDc3ODE5MTMzM2ZkODYxYzY1MTliMDg3ZmQ5NzVkOCIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDkzNzQxIiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.LF_ctcUTZuwrv8lVMigF6ujtTe2tqxH6ZRUm4wI5b-o

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3NuaXBlcm1hbi5ydS9hbWF6b24temFwdXN0aXQtcHJvdG90aXB5LXNwdXRuaWtvdi1zb2JzdHZlbm5vZ28tb3JiaXRhbG5vZ28taW50ZXJuZXQtc2VydmlzYS8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZGVlNjA5MjRmMzJmZTU3MjJjMmFmZTQmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOTNhYWUyYjYxZTEyNjI4MjgzM2VmYyIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTkzYWFlMmI2MWUxMjYyODI4MzNlZmMiLCJjYW1wYWlnbl9pZCI6IjVkZWU2MDkyNGYzMmZlNTcyMmMyYWZlNCIsImhhc2hfaWQiOiI2YmFkYzQ1NGRiMWQ0ODJlYzBjYmQwMDE2ZTQ0ZmExZSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDkzOTM3IiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.9PuTsMNn_1WDV-mwAhciBi9_mTXrwNRkUDyOrtjuMZA

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2l0bmV0LmNvbS51YS9zc2hhLXZ2ZWxpLXNhbmtjaWktcHJvdGl2LTIyLWxldG5lZ28tdWtyYWluY2EtemEta2liZXJwcmVzdHVwbm9zdC8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZTNjNWQ3NTRmMzJmZTQwNTE3YTBmODcmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOTNhNWZmNTg0YTQxZDczNmY1ZmY1YyIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTkzYTVmZjU4NGE0MWQ3MzZmNWZmNWMiLCJjYW1wYWlnbl9pZCI6IjVlM2M1ZDc1NGYzMmZlNDA1MTdhMGY4NyIsImhhc2hfaWQiOiJhMDRhYWE5NWM3OWI4MTAwYWJmZTk5MDA2MDk5MzE5OCIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDk0MTI3IiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0._Ntv4Guh7GR9BffoBggrq_ec0k1PW4AMXwe1kN311sc

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d1cnNlc2ludG91ci5jb20vdm9rcnVnLXN2ZXRhL2NoZW0tdmFzLW1vemhldC11ZGl2aXQtb3Nlbm5pai1idWRhcGVzaHQvMTIyNDIxMS8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZmIyN2UxNzNlOTQyOGU2ZjBlN2JiMmQmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOGE4MWNlYjYxZTEyNjI4MjgzMzgzMCIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5CYW5uZXJSYW5kb20iLCJ3aWRnZXRfaWQiOiI2MDhhN2NiYjk4MjdiN2JmNDI0ZDQ1NTAiLCJpZCI6IjYxOGE4MWNlYjYxZTEyNjI4MjgzMzgzMCIsImNhbXBhaWduX2lkIjoiNWZiMjdlMTczZTk0MjhlNmYwZTdiYjJkIiwiaGFzaF9pZCI6Ijk0NmY2MjEwZGNlYTk1MzA5NzZlZWFmY2YxMGVmMDY5IiwidGltZXN0YW1wIjoiMjAyMS0xMS0yMCAxOTo1MzowNi40OTQzNTUiLCJ1c2VyX2lkIjoiNm42aXExc3FrbGtyb3J5NnQifQ.Mq3_zna8CLaV1ihr9oEYVDsAp7go4S4qHt8XLz-eoLU

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3d3dy5rb3Bpcmtpbi5jb20udWEvbmF6dmFueS1wcm9kdWt0eS1rb3RvcnllLW5lbHp5YS1lc3QtbmF0b3NoaGFrLTIvP3V0bV9zb3VyY2U9cGhvZW5peCZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249NWVkNjY5Yjc3M2NjNzA0YjU5ZWY2YTliJnV0bV90ZXJtPTYwOGE3OTRlOGZkZGNlMDg2NzZlOWVlMCZ1dG1fY29udGVudD02MTkzYjA2Y2I2MWUxMjYyODI4MzNmNjIiLCJwcm9jZXNzb3IiOiJjb3JlLnByb2Nlc3NvcnMucmFuZG9tLmJhc2UuTmV3c1JhbmRvbSIsIndpZGdldF9pZCI6IjYwOGE3Y2JiOTgyN2I3YmY0MjRkNDU1MCIsImlkIjoiNjE5M2IwNmNiNjFlMTI2MjgyODMzZjYyIiwiY2FtcGFpZ25faWQiOiI1ZWQ2NjliNzczY2M3MDRiNTllZjZhOWIiLCJoYXNoX2lkIjoiM2NhZTZjYzkyYjBjOWFkNzllYzcyMzhiNDJjYzI0YmYiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTIwIDE5OjUzOjA2LjQ5NDU0NCIsInVzZXJfaWQiOiI2bjZpcTFzcWtsa3Jvcnk2dCJ9.RObeTyGDx6iEc2TuZNvQXSmDOwjPPV9EBDPz-dAyNj0

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3d3dy5rb3Bpcmtpbi5jb20udWEvdi1zc2hhLW5hLWRuZS1vemVyYS1uYXNobGktMTIwMC1sZXRuZWUta2Fub2UtZm90by8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZmRiNTViNjc5OTFhNzhlYzdhNGMzZTUmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOTNiMjE3NTg0YTQxZDczNmY2MDAwMSIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTkzYjIxNzU4NGE0MWQ3MzZmNjAwMDEiLCJjYW1wYWlnbl9pZCI6IjVmZGI1NWI2Nzk5MWE3OGVjN2E0YzNlNSIsImhhc2hfaWQiOiIxZDgwNmY5NGQ1YjIwMTNkY2QyNGQ5MmYxN2FmNDRjZSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDk0NzMwIiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.5fTmyIsPCjC8fAt-SmRTFm2TqNtqO76LQR4myhmg_6M

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3dvbWZpcmUuY29tL2FrdHVhbG5vZS8yMC11ZGl2aXRlbG55aC1mYWt0b3Ytby16aGVuc2hoaW5haC1vLWtvdG9yeWgtb25pLXNhbWktbmUtZG9nYWR5dmFqdXRzamEvP3V0bV9zb3VyY2U9cGhvZW5peCZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249NWU0ZDIyMTc0ZjMyZmUxZGI0NDE0NzYxJnV0bV90ZXJtPTYwOGE3OTRlOGZkZGNlMDg2NzZlOWVlMCZ1dG1fY29udGVudD02MTJmMWQ1ZDE4NjIyM2Q0OThlYzY0YjIiLCJwcm9jZXNzb3IiOiJjb3JlLnByb2Nlc3NvcnMucmFuZG9tLmJhc2UuQmFubmVyUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTJmMWQ1ZDE4NjIyM2Q0OThlYzY0YjIiLCJjYW1wYWlnbl9pZCI6IjVlNGQyMjE3NGYzMmZlMWRiNDQxNDc2MSIsImhhc2hfaWQiOiJjMzU2NmVjMmExMGY1MTdkMzVkMjIwNDc0YjkxNmFmZiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDk0OTE2IiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.wXrmavS8lUme999AN519VNTL5BzkfoOkKxmyIDqYM14

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3NuaXBlcm1hbi5ydS9zdHJhbm5heWEtc29uYXRhLW1vY2FydGEtZGFsYS1rbHl1Y2gtay1sZWNoZW5peXUtZXBpbGVwdGljaGVza2l4LXByaXBhZGtvdi8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZTNjNWQwMTRmMzJmZTQwNWQyZGFiY2MmdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxN2E2YjdlY2EyODAyZDU0ZmJhYmViMiIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTdhNmI3ZWNhMjgwMmQ1NGZiYWJlYjIiLCJjYW1wYWlnbl9pZCI6IjVlM2M1ZDAxNGYzMmZlNDA1ZDJkYWJjYyIsImhhc2hfaWQiOiIzMDFjYTUxMDg2N2ZlZDdlNDc0M2M5MzhiNDM1NGUzZCIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDk1MTUwIiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.Y5MMJptQVF_gAJN4MoyKGPBIY14VAbsZHcyJbdBLA6I

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL3NuaXBlcm1hbi5ydS92LXNodmVqY2FyaWktbmF1Y2hpbGlzLXBvbHVjaGF0LWtlcm9zaW4taXotZ3J5YXpub2dvLXZvemR1eGEtaS1zb2xuZWNobm9nby1zdmV0YS8_dXRtX3NvdXJjZT1waG9lbml4JnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj01ZmRiNTYwYmVjYWViZGYzNDlmYWM4YzImdXRtX3Rlcm09NjA4YTc5NGU4ZmRkY2UwODY3NmU5ZWUwJnV0bV9jb250ZW50PTYxOTNhZjRlNTg0YTQxZDczNmY1ZmZiYSIsInByb2Nlc3NvciI6ImNvcmUucHJvY2Vzc29ycy5yYW5kb20uYmFzZS5OZXdzUmFuZG9tIiwid2lkZ2V0X2lkIjoiNjA4YTdjYmI5ODI3YjdiZjQyNGQ0NTUwIiwiaWQiOiI2MTkzYWY0ZTU4NGE0MWQ3MzZmNWZmYmEiLCJjYW1wYWlnbl9pZCI6IjVmZGI1NjBiZWNhZWJkZjM0OWZhYzhjMiIsImhhc2hfaWQiOiIxNjRlNDUwN2UxZjIzMDAyYTFkODdiYjA4M2QxYjM2MSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMjAgMTk6NTM6MDYuNDk1MzM3IiwidXNlcl9pZCI6IjZuNmlxMXNxa2xrcm9yeTZ0In0.o1JZn8_PhYeefnaFdP0q4X3u4osoGqdhkVspldgjHMc

Search URL Search Domain Scan URL

URL: https://mgid.com/

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097641/i/57452893/0/pp/1/1?h=5j1awwxk_0BwamNN8tJYeot9oALKJyD7avMEiUyT1tVYlRW4xZ0c9BZp8ajYG-CY&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805429/i/57452893/0/pp/2/1?h=5j1awwxk_0BwamNN8tJYety7-w2qcVlRPJMD2jOejZGA8l83TNmHnJAsxvZ-MYFg&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805583/i/57452893/0/pp/3/1?h=5j1awwxk_0BwamNN8tJYenwHkaL65C1AICJUwIihynqvJ8z0l4ZS3CIwBTOCAxow&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3973215/i/57452893/0/pp/4/1?h=5j1awwxk_0BwamNN8tJYekN5Hj1QKeIu17BOvXD8-R_VD_czIgQGO08H8JOBccra&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3973213/i/57452893/0/pp/5/1?h=5j1awwxk_0BwamNN8tJYeqR6eRFgX0KCDqalk8WtaDjMglPSx-xIju2ZaDhnhD2p&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805544/i/57452893/0/pp/6/1?h=5j1awwxk_0BwamNN8tJYei3-1dOhyz8BV12UJ1wfC_QkxM9U-IGpVboNH_MnUYlP&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4074794/i/57452893/0/pp/7/1?h=5j1awwxk_0BwamNN8tJYegFVNy6Mi5nXvXFdsjiAvnj5lo7AhMndm8X6qVQfV4i-&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805565/i/57452893/0/pp/8/1?h=5j1awwxk_0BwamNN8tJYevHzFAGcalsmFM7lD3QO_pVKM53x5JeoKIp9bvKMwxm3&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3839414/i/57452893/0/pp/9/1?h=5j1awwxk_0BwamNN8tJYevfeDIym28pR0U-GClCP_H4uvaUzm0tAIAwaXVFP1dDj&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/10881013/i/57452893/0/pp/10/1?h=5j1awwxk_0BwamNN8tJYep8MxgXfSgeUqWTVHWDRuOiwfR7l5gzq2jb2byADxdmR&rid=7a41b787-4a3b-11ec-90ad-d094662c24f7&tt=Direct&att=3&afrd=8&ct=1

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://zakladki.ukr.net/index.php?action=export
Title: Скачати

Search URL Search Domain Scan URL

URL: http://zakladki.ukr.net/
Title: +ukr.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://mail.ukr.net/widget?lang=uk HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 88

https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.ukr.net/ROS?rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.ukr.net%2F&e_pubcid=12cf7269-8766-4636-95ad-dfb4ebbb7fb7 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/www.ukr.net/ROS?ct=1&r=pbjs&rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.ukr.net%2F&e_pubcid=12cf7269-8766-4636-95ad-dfb4ebbb7fb7

Request Chain 119

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5ac6b46-4480-4e24-b9a0-135118eef41f

Request Chain 231

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 255

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8MZ7pXwweklSdEhmSTNTc0VyQ3YyUmVrZStqL2FaMmZPa3ZEQTdYaERzRFQ1MVAwMWl1OUNFUm9SZnVRU3pMbWRVWE94M2hJQmMxVnlFaG9kQkc0RTljSkthSm1nWmxkbmRHUzYvQzIrL21DR0RLSklyaDZGVUMyc1ZSaVYyVHFaVGE5clNiL28za1YwL0dIUlZRMytSTzF1VHd0czU1UHAzYzM0eDR1NFdtNDZZdHlhU011UUZyUTFMUnY2UDlEVEZOd1BNS2NGVEpXY2UwVlk2RFZxMXNmaE9QbFdJcDFGNU8yc3d1cjNVYnNpQ25JPXw&cppv=2

250 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://www.ukr.net/
https://www.ukr.net/

198 KB
49 KB

21ms
6ms

Document
text/html

212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

cf24d72a5dda3ef3b04cf60dd03860f950335c0fa07b6951121fcd059785522b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html
content-length: 49214
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: -1
etag: "619951eb-c03e"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Server: nginx
Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.ukr.net/
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5220ed1b43708410befd8d6764e49ea6a82d93e7ce1d2a32e18636187a6c0986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36151
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Nov 2021 19:53:05 GMT

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1636976381/ 2 KB
575 B 28ms
6ms Stylesheet
text/css 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1636976381/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 9f5a93301e59cfddbb7aa92dce5459a904fcee359cee64c32d4bad6096b248a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:40:02 GMT
server: nginx
etag: W/"61924712-696"
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 28ms
6ms Stylesheet
text/css 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 14:26:02 GMT
server: nginx
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/77/portal/ 44 KB
8 KB 28ms
6ms Stylesheet
text/css 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/77/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 669e2dd74451cc42dcb8d806c3661b8dc9f118816ed6b2656153fdd0ed27539d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 10:16:03 GMT
server: nginx
etag: "619384e3-2014"
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
content-length: 8212
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
234 B 7ms
6ms Script
application/x-javascript 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
date: Sat, 20 Nov 2021 19:53:05 GMT
vary: User-Agent
content-type: application/x-javascript
x-xss-protection: 1; mode=block

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/31/portal/ 166 KB
51 KB 33ms
11ms Script
application/x-javascript 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 09:53:05 GMT
server: nginx
etag: "5f6dbe01-cc31"
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
content-length: 52273
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/525/portal/ 61 KB
17 KB 38ms
17ms Script
application/x-javascript 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/525/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: db912bb5416865f9a07ab8fd37b75be0fc6791bba88450c403eb017e3b914fbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 15:02:03 GMT
server: nginx
etag: "618d306b-42fb"
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
content-length: 17147
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H/1.1 200
OK zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
104 KB 87ms
6ms Script
application/javascript 212.42.76.248
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv248.fwdcdn.com

Software

nginx /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Last-Modified: Fri, 14 Aug 2020 10:42:05 GMT
Server: nginx
ETag: "5f366a7d-19e00"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 105984
Expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 logo_ua.gif
upst.fwdcdn.com/temp/holidays/10813/ 6 KB
6 KB 6ms
6ms Image
image/gif 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/10813/logo_ua.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: e0bfc1f6c4b967dd2df9ee10f45148d0badaeeb4bdb3187ca895a74522afd1fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Sat, 20 Nov 2021 19:52:01 GMT
server: nginx
etag: "619951e1-18f1"
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
accept-ranges: bytes
content-length: 6385

GET
H2 200 title_img_ua.gif
upst.fwdcdn.com/temp/holidays/10813/ 2 KB
2 KB 6ms
6ms Image
image/gif 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/10813/title_img_ua.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 3e2f6d66fc8184eab2273a36be6c3171afa275c8ba432b8f0cb56a7cff51ec13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Sat, 20 Nov 2021 19:52:01 GMT
server: nginx
etag: "619951e1-694"
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
accept-ranges: bytes
content-length: 1684

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
261 B 6ms
6ms Image
image/gif 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Fri, 11 Nov 2016 10:00:04 GMT
server: nginx
etag: "582596a4-35"
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 53
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
5 KB 6ms
6ms Image
image/png 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Fri, 11 Nov 2016 10:00:04 GMT
server: nginx
etag: "582596a4-1134"
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4404
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 6ms
6ms Image
image/png 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Fri, 11 Nov 2016 10:00:04 GMT
server: nginx
etag: "582596a4-134e"
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4942
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3118
date: Sat, 20 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 21:01:07 GMT

GET
H2 200 hb_300016_4947.js Show response
player.adtcdn.com/prebidlink/454843/ 422 KB
123 KB 91ms
56ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a464a4a1f7a108a68ea152f51683acfe20d2fda7e3feab113e5eef7b5dbfaba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 12 Nov 2021 12:48:42 GMT
server: cloudflare
etag: W/"618e62aa-69715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd4CEBIZydkMpGCIVjMZboJCCjEjlWx%2BYdvdoS66QdBF5oKXIHKRmEbxShnGEMu9BV1vtJWKR7oKiFDQxX1Nz1yEmFPR%2BzftkfHYMAUwcK3TEgaJMMljEml%2FN919JyLg22jyJS%2BNf%2BXMlu0TM2T6Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6b1438f1cd12c2db-FRA
expires: Sat, 20 Nov 2021 20:05:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 43ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

33117e1c8a0ff90b497cd908e822acc861b8b9225fcf9b77265c219774de44bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1050 / 694 of 1000 / last-modified: 1637363312"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26884
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Nov 2021 19:53:05 GMT

GET
H2 200 wrapper_hb_300016_4947.js Show response
player.adtcdn.com/prebidlink/454843/ 736 B
1 KB 68ms
34ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454843/wrapper_hb_300016_4947.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39306f88ed7f6c18f5c6e4b8a98fd39155240d7e29217aa50c44e712443e7b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Nov 2021 10:56:44 GMT
server: cloudflare
etag: W/"619782ec-2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoEdWYuqhtLWgEWuRCjWY5cuJjv7tPbGR%2FnX2agA%2FEMsRB%2Fk%2FY6nI8HdCMuEg1v8c50NNNhFzWcNnqXG7hr%2BiK5NyPQ1%2Be%2FAc62Qbp%2BQZ%2BnG81EoCqF7HjMXhobg%2F9hGx70QauygSLtBeh%2Fl15u7vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6b1438f1cd13c2db-FRA
expires: Sat, 20 Nov 2021 20:05:31 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 28ms
6ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1637437985532
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
access-control-allow-credentials: true
x-upstream: 4210.10.20.49:5080
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

7ms
7ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

89d3fabda8cfcdf4aa817a91ab36f5a11acf361de28062243508ae86fdae8b71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 20 Nov 2021 19:53:04 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM https://www.ukr.net/
vary: *
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-encoding: gzip
x-upstream: 4510.10.20.49:5080

Redirect headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-length: 0
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
expires: Sat, 20 Nov 2021 19:53:04 GMT
cache-control: no-cache
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame DFC9 13 KB
6 KB 20ms
2ms Document
text/html 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html
last-modified: Sat, 03 Apr 2021 06:37:04 GMT
etag: W/"60680d10-3435"
expires: Sun, 21 Nov 2021 19:53:05 GMT
cache-control: max-age=86400
content-encoding: gzip

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
878 B 440ms
366ms Script
application/javascript 77.120.100.148
VOLIA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300025109559931427916_1637437985471&_=1637437985472
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.120.100.148 Simferopol, Ukraine, ASN25229 (VOLIA-AS, UA),
Reverse DNS: 148.100.120.77.colo.static.dcvolia.com
Software: nginx /
Resource Hash: 039d1b6f6379d9719815d2a548fc30f0757df8e43cea830533a4e1df7e7f979a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 195 B
495 B 230ms
180ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery300025109559931427916_1637437985473&_=1637437985474

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

0bf33c088ce90f6ff1b0b24318b84f2a1f93a13a99e0e9639d8ae2b39bde99c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: text/html; charset=utf-8

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame 1071 6 KB
2 KB 88ms
8ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: b748f53b4be6bcc03940de8de7cc091af51c4fddcc41d161244d7c38f82d8f40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html; charset=utf-8
expires: Sat, 20 Nov 2021 19:58:05 GMT
cache-control: max-age=300, must-revalidate, proxy-revalidate
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 ukrnet_ua.html Show response
kinoafisha.ua/widget/ Frame 5855 489 KB
21 KB 193ms
6ms Document
text/html 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 21de81cf1fd4be25ce7e8ba0d6474794da296c77f5c51500d496963579052184

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html
last-modified: Sat, 20 Nov 2021 19:00:01 GMT
etag: W/"619945b1-7a3ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip

GET
H2 200 covid19.html Show response
www.ukr.net/dat/ Frame B16D 58 KB
17 KB 7ms
6ms Document
text/html 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/dat/covid19.html

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

ebc88a92e77c52800b5668fb88f41535919f5323bdccf51d17b8e364d3311170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/html
content-length: 16767
last-modified: Sat, 20 Nov 2021 19:35:31 GMT
etag: "61994e03-417f"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 3 KB
3 KB 57ms
23ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery300025109559931427916_1637437985475&_=1637437985476

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

61a72745329c527321eeded6f19a3131453beab613ff8c3b90976c466fb5ce87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK ukrnet Show response
api.phoenix-widget.com/api/v2/ 15 KB
4 KB 956ms
910ms Script
application/json 178.128.142.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phoenix-widget.com/api/v2/ukrnet?callback=jQuery300025109559931427916_1637437985477&_=1637437985478
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.142.14 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: TornadoServer/4.3 /
Resource Hash: b896fdc771727083305800c00bd079fbe01a7ec4a49bbcd0fe05fe5a349f14b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
server: TornadoServer/4.3
amp-same-origin: true
etag: W/"d30c5384ece367a1a43f35e39cadaa4250a4090e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *

GET
H2 200 1119189 Show response
servicer.mgid.com/ 6 KB
3 KB 99ms
67ms Script
application/json 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119189?callback=jQuery300025109559931427916_1637437985479&_=1637437985480
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b575445e59703084c661c7665c32e4c02eb6955733ab2f342b407436ef57b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b1438f1eacf4ed4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK addlink.gif
zakladki.ukr.net/bookmarks/img/ 2 KB
2 KB 21ms
6ms Image
image/gif 212.42.76.248
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zakladki.ukr.net/bookmarks/img/addlink.gif

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.248 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv248.fwdcdn.com

Software

nginx /

Resource Hash

baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Last-Modified: Tue, 20 Aug 2013 02:30:01 GMT
Server: nginx
ETag: "5212d4a9-6dc"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 1756
Expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 151ms
35ms Script
text/plain 195.214.195.100
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.16858568623902181&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.214.195.100 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 20 Nov 2021 19:53:04 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 312 B
702 B 152ms
36ms Script
application/octet-stream 195.214.195.100
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.10425415069299437&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.214.195.100 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 72dda00b0d06e644bb6228928e087c8a996e8fb6de480d100e636104f2c496c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 20 Nov 2021 19:53:04 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 152ms
36ms Script
text/plain 195.214.195.100
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.8724284092011703&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.214.195.100 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 20 Nov 2021 19:53:04 GMT

GET
H2 200 chartist.min.css
www.ukr.net/css/1/ Frame B16D 11 KB
2 KB 6ms
6ms Stylesheet
text/css 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/css/1/chartist.min.css

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/dat/covid19.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 15:50:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ea067b4-5db"
vary: User-Agent
content-type: text/css
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1499
x-xss-protection: 1; mode=block
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 chartist.min.js Show response
www.ukr.net/js/1/ Frame B16D 39 KB
12 KB 6ms
6ms Script
application/x-javascript 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/js/1/chartist.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/dat/covid19.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/dat/covid19.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 15:50:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ea067b4-2f28"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 12072
x-xss-protection: 1; mode=block
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 1 Show response
recreativ.ru/cs/1/ Frame DFC9 34 B
238 B 15ms
3ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5a320720db022ef2a499e70515b8c2df3d40cb4b6a8d8147cb091541fc3b7fdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b19
cache-control: private, max-age=315360000
expires: Tue, 18 Nov 2031 21:53:05 +0200

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame DFC9 34 B
237 B 3ms
2ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: f4d137c58b9238f3a6d5078c64cc5f5a7422a729f81bad9482df8a46e473b02a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b28
cache-control: private, max-age=315360000
expires: Tue, 18 Nov 2031 21:53:05 +0200

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 18ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Nov 2021 19:53:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 256 B
160 B 31ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1b218e99044d29a446983918d506c6ea48a6596480c9eb19cff223588c11750e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
expires: Sat, 20 Nov 2021 19:53:05 GMT

GET
H2 200 wrapper_hb_300016_4947.es6.js Show response
player.adtelligent.com/prebidlink/454843/ 98 KB
26 KB 39ms
10ms Script
application/javascript 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/wrapper_hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 370094dd362c0f4c65917bb30003120adeb022011ba5177f257f254d4523d1cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:56:44 GMT
server: nginx
etag: W/"619782ec-1878c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 20 Nov 2021 20:53:05 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 916A 2 B
99 B 7ms
6ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 45, 45127.0.0.1:8082
date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame DFC9 34 B
237 B 3ms
3ms XHR
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5a320720db022ef2a499e70515b8c2df3d40cb4b6a8d8147cb091541fc3b7fdc

Request headers

Cache-Control: max-age=0
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-cache: t5ra6tXavmn-2Bs

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b25
cache-control: private, max-age=315360000
expires: Tue, 18 Nov 2031 21:53:05 +0200

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 916A 8 KB
3 KB 9ms
7ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?63ed99eb
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:52:00 GMT
server: nginx
etag: W/"61546f80-211a"
content-type: text/css
x-upstream: 4510.10.20.48:5080
cache-control: max-age=1209600
expires: Sat, 04 Dec 2021 19:53:05 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 916A 146 KB
40 KB 13ms
12ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?f670b3fa
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 7aca48eed950fa3497f925c7e6c8f8840017903add24206b0cfce183314d96c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:52:00 GMT
server: nginx
etag: W/"61546f80-2491e"
content-type: application/javascript
x-upstream: 4510.10.20.49:5080
cache-control: max-age=1209600
expires: Sat, 04 Dec 2021 19:53:05 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame DFC9 3 KB
2 KB 20ms
20ms XHR
application/json 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=t5ra6tXavmn-2Bs&ver=210403-0937&w=0&h=0&vw=0&ms=61.0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b344a62366e5134fbf966b9da770aebf3fd437d8b94cb58419a725f017194caa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b21
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/json
expires: Sat, 20 Nov 2021 21:53:05 +0200

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 1071 11 KB
3 KB 7ms
6ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame 1071 115 KB
38 KB 11ms
11ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame 1071 43 B
232 B 8ms
6ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 3_1.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 1071 1 KB
2 KB 7ms
6ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/3_1.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: b58242a5bf709aaf04fb15794620becb6f667a6dd453fdebc4ade97d351f8f74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-5ef"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1519
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102950159/ Frame 1071 0
457 B 7ms
7ms Script
application/x-javascript 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102950159/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1637437985548
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv253.fwdcdn.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Sat, 20 Nov 2021 19:53:05 UTC
server: nginx
etag: "582596a6-0"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
content-type: application/x-javascript
content-length: 0
expires: Sat, 20 Nov 2021 19:53:05 UTC

POST
H2 200 get Show response
accounts.ukr.net/api/v1/cai/browser/ Frame 916A 107 B
423 B 8ms
7ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/cai/browser/get
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?f670b3fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 66a70a9ed513d19411becef72c0656c16685d4ea4a19c92ef466ddb9abeb1607

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
content-type: application/json
x-upstream: 4510.10.20.48:5080
expires: Sat, 20 Nov 2021 19:53:04 GMT
cache-control: no-cache
content-length: 107
x-served-by: 127.0.0.1:10000

POST
H2 200 get Show response
accounts.ukr.net/api/v1/cai/browser/ Frame 916A 107 B
423 B 8ms
7ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/cai/browser/get
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?f670b3fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5794aefed580dd6622e2feb9bdf83509c6263b7aac3fd30679534d438106aee4

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
content-type: application/json
x-upstream: 4510.10.20.49:5080
expires: Sat, 20 Nov 2021 19:53:04 GMT
cache-control: no-cache
content-length: 107
x-served-by: 127.0.0.1:10000

GET
H2 200 bb2438b55440e7657e6d296cb8b4ac58
st11.rcvlink.com/2/200/ Frame DFC9 15 KB
15 KB 8ms
1ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/200/bb2438b55440e7657e6d296cb8b4ac58
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6aed47437a101465d2d2ed9259fd3b54de0c151be4212da6f891401c32a60e23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Fri, 14 May 2021 14:43:49 GMT
server: nginx
etag: "609e8ca5-b6ee"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 15570
expires: Fri, 18 Feb 2022 19:53:05 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/299917/ 6 KB
3 KB 23ms
6ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/299917/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5b3b67fd4c3c4b56338b43907403a075e5c8aef5a17d0d7332884eedafcbc813

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 12:01:09 GMT
server: nginx
etag: W/"6198e385-19be"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
expires: Sat, 20 Nov 2021 20:53:05 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 916A 58 KB
17 KB 9ms
8ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?5bcf5f0601d113158f97
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:52:00 GMT
server: nginx
etag: W/"61546f80-e602"
content-type: application/javascript
x-upstream: 4510.10.20.48:5080
cache-control: max-age=1209600
expires: Sat, 04 Dec 2021 19:53:05 GMT

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 916A 58 KB
17 KB 9ms
9ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?5bcf5f0601d113158f97
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:52:00 GMT
server: nginx
etag: W/"61546f80-e602"
content-type: application/javascript
x-upstream: 4510.10.20.49:5080
cache-control: max-age=1209600
expires: Sat, 04 Dec 2021 19:53:05 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 916A 27 B
121 B 7ms
6ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?f670b3fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4510.10.20.49:5080
date: Sat, 20 Nov 2021 19:53:05 GMT
server: nginx
content-length: 27
content-type: application/json

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 128 B
375 B 263ms
73ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 6b207188048ecdd3dd6670161683b537d5ffdad73ca1ba8c55a0ab0f3585209e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 20 Nov 2021 19:53:05 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 128
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
413 B 262ms
73ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=300016&site_id=4947&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=88arvg.15&vpbv=N014&lifecycle_tte=353
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 20 Nov 2021 19:53:05 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 752ms
751ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2548523090846738&correlator=1084278024368190&output=ldjh&impl=fifs&eid=31061815%2C31063378%2C31063798%2C21068030%2C31061166%2C31063183&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211120&iu_parts=17774365%2Cukr.net_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637437985&dt=1637437985730&dlt=1637437985401&idt=272&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=583682291&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1596947696.1637437986&ga_sid=1637437986&ga_hid=341212505&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7adfce23598bd3009ef272c2b7cacf4610246ce5b091e8591e713fd5d1625d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7791
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 496ms
496ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2548523090846738&correlator=2235918030309682&output=ldjh&impl=fifs&eid=31061815%2C31063378%2C31063798%2C21068030%2C31061166%2C31063183&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211120&iu_parts=17774365%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x145%7C300x175&fsfs=1&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637437985&dt=1637437985734&dlt=1637437985401&idt=272&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2005426448&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1596947696.1637437986&ga_sid=1637437986&ga_hid=341212505&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

957b1aee7b2b49823cd932513d279b403fab046be56bc182a9d40ea53eebd570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8411
x-xss-protection: 0
google-lineitem-id: 5669338252
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347001982
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD57 6 KB
4 KB 56ms
17ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame 1071 408 KB
122 KB 18ms
18ms Script
application/x-javascript 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 14:33:26 GMT
server: nginx
etag: "59380eb6-1e6e9"
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
content-length: 124649
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 107ms
36ms Script
text/plain 195.214.195.100
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.10425415069299437&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.10425415069299437&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.214.195.100 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Sat, 20 Nov 2021 19:53:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
16ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=341212505&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAAC~&jid=781205680&gjid=1086240556&cid=1596947696.1637437986&tid=UA-5903420-1&_gid=1744660772.1637437986&_r=1&gtm=2ouba1&cd1=Unregistered&cd2=n&cd3=0&z=787088036

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
23 KB 624ms
623ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2548523090846738&correlator=1282898317232016&output=ldjh&impl=fifs&eid=31061815%2C31063378%2C31063798%2C21068030%2C31061166%2C31063183&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211120&iu_parts=17774365%2Cukr.net_brend_resize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C120x600%7C160x600&fsbs=1&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1637437985&dt=1637437985799&dlt=1637437985401&idt=272&frm=20&biw=1600&bih=1200&oid=2&adxs=130&adys=89&adks=1069264500&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=160x-1&ga_vid=1596947696.1637437986&ga_sid=1637437986&ga_hid=341212505&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

90274de354a49efa34b246ff3e3d8e2b6f264ed28ed5d83263a5e161975e4ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23246
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadercdn.net/ 0
171 B 144ms
35ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=9821c8cc1df699c2&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Nov 2021 19:53:05 GMT
server: openresty

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 66 KB
66 KB 7ms
7ms XHR
application/json 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

70d6893d5b22ddac5a2cf6d3c5e368c2d5729bc391c837bfa4743463605a6fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
vary: User-Agent
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 67674
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 5855 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 46ms
15ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5903420-1&cid=1596947696.1637437986&jid=781205680&gjid=1086240556&_gid=1744660772.1637437986&_u=6GBAAUAAAAAAAC~&z=1148281428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Nov 2021 19:53:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame 1071 555 KB
136 KB 6ms
6ms Script
application/x-javascript 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 14:33:19 GMT
server: nginx
etag: "59380eaf-21ee1"
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
content-length: 138977
expires: Sun, 20 Nov 2022 19:53:05 GMT

GET
H2 200 1637437985886.html Show response
www.ukr.net/viewids/main/88307126,42,22,36,8,55,24,7,39,1,84,28,35,31,22,1,59,22,7,14,10,16,7,22,2,2,1,15,17,27,8,26,13,1,1,1,7,9,6,11,25,9,10,1,12,9,6,4,19,19,16,6,2,18,1,12,9,12,2,3,3,4,14,8,3,2,... 0
217 B 6ms
6ms XHR
text/plain 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/viewids/main/88307126,42,22,36,8,55,24,7,39,1,84,28,35,31,22,1,59,22,7,14,10,16,7,22,2,2,1,15,17,27,8,26,13,1,1,1,7,9,6,11,25,9,10,1,12,9,6,4,19,19,16,6,2,18,1,12,9,12,2,3,3,4,14,8,3,2,9,1,5,10,2,4,1,5,2,8,6,4,1,3,2,6,6,1,1,2,23,10/1637437985886.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/31/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
vary: User-Agent
last-modified: Fri, 11 Nov 2016 10:00:02 GMT
server: nginx
etag: "582596a2-0"
x-frame-options: SAMEORIGIN
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1636976381/ 4 KB
4 KB 7ms
6ms Image
image/png 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1636976381/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1636976381/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: a14a79aca7dced1b1571512cb7a2795eaa1ebd378ba70772da3a44a3b0fa06a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1636976381/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 20 Oct 2021 09:10:03 GMT
server: nginx
etag: "616fdceb-110e"
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4366
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
608 B 6ms
6ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: nginx
etag: "6076e064-18b"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 395
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
674 B 6ms
6ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: nginx
etag: "6076e064-1cd"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 461
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
612 B 6ms
6ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
etag: "58259822-18e"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
content-length: 398
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
402 B 6ms
6ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
etag: "58259822-bc"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
content-length: 188
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame DFC9 6 KB
6 KB 1ms
1ms Image
image/png 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Sat, 27 Nov 2021 19:53:05 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 1071 149 B
339 B 10ms
9ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 1071 389 B
579 B 10ms
10ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 1071 185 B
375 B 10ms
10ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:05 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Mon, 20 Dec 2021 19:53:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5903420-1&cid=1596947696.1637437986&jid=781205680&_u=6GBAAUAAAAAAAC~&z=1240083098

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 51ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5903420-1&cid=1596947696.1637437986&jid=781205680&_u=6GBAAUAAAAAAAC~&z=1240083098

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 80ms
18ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ukr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 20 Nov 2021 19:53:06 GMT
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
allow: POST,OPTIONS
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
963 B 47ms
20ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14
content-type: application/javascript
x-amz-request-id: tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2: tx20fcbba173164c66b29ed-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwuAN3x3AbL7S6WgS4rYY7vJf2gQc0yrfmJAYwZVwcCSOrypbJ8AHuPLBwul6bTDksdi0hN6TC9Vyj%2FFCYoxN%2FOIcalFXTRrboV6Wi8W9DRpqJD2TUGZIhyjM6101JbhTULFWVV4SOJIhi5L"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227780937425
cache-control: public, max-age=1800
cf-ray: 6b1438f4cff76977-FRA
expires: Sat, 20 Nov 2021 20:23:06 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
511 B 88ms
62ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c710785c0fc7fd737fb444365a25b2f227f2231507b9754df2b08012e33372

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ukr.net
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6b1438f4ddc45b80-FRA
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
173 B 46ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:06 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/www.ukr.net/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.ukr.net/ROS?rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20.0&ncb=1&vs...
https://pbjs.e-planning.net/hb/1/2e43c/1/www.ukr.net/ROS?ct=1&r=pbjs&rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20....

81 B
400 B

16ms
15ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/www.ukr.net/ROS?ct=1&r=pbjs&rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.ukr.net%2F&e_pubcid=12cf7269-8766-4636-95ad-dfb4ebbb7fb7
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 796e34ba233f33fc419a5f4281710a806dd0692a33d3f33ca58861b4a00193fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.ukr.net
expires: Sat, 20 Nov 2021 19:53:06 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 81
x-sid: AMS-607

Redirect headers

date: Sat, 20 Nov 2021 19:53:06 GMT
server: openresty
access-control-allow-origin: https://www.ukr.net
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/www.ukr.net/ROS?ct=1&r=pbjs&rnd=0.7139202495032477&e=300x250_0%3A300x250%2C300x145%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.ukr.net%2F&pbv=5.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.ukr.net%2F&e_pubcid=12cf7269-8766-4636-95ad-dfb4ebbb7fb7
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 249 B
926 B 41ms
15ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1242a979872e690527b17d130c90293d186fd9c6fa063e8480d49d52d0678170

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 19:53:06 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2b109040-2ad2-40e6-bf3e-79586755f36f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 249
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
168 B 256ms
83ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 20 Nov 2021 19:53:06 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 172 B
589 B 60ms
25ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.ukr.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6b9d12b-de01-4d97-80b0-2d06becaf102%2Ca084f6ea-4b28-47a0-9cfe-22686fec5025&nocache=1637437986035&pubcid=12cf7269-8766-4636-95ad-dfb4ebbb7fb7&schain=1.0%2C1!adtelligent.com%2C300016%2C1%2C%2C%2C&aus=300x145%2C300x250%7C300x600%2C300x250&divids=div-gpt-ad-1544528258762-0%2Cdiv-gpt-ad-1544528657150-0&aucs=%2C&auid=541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4195e49f636ab9bfad5eb08bfe3b911e68603e9f9a7fcf23b62fcdf743e22160

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.ukr.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
741 B 278ms
229ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.20.0
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 65391ebf77902abbd52f4e384e47c65aaa1a5aed00a419209f86dce9fb31ef57

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Nov 2021 19:53:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 89ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
706 B 76ms
76ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: ecccabbb163104536df7142673361d9627fc907e5bab3ef081d75cc1ddc7f41e

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 420

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
514 B 174ms
98ms XHR
application/json 52.31.83.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22716ee8a6a6deab4%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.ukr.net%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22300016%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2212cf7269-8766-4636-95ad-dfb4ebbb7fb7%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2231eaca70908cb08%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22272947%2C%22tid%22%3A%22e6b9d12b-de01-4d97-80b0-2d06becaf102%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.83.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: df44a281af23e9b94b2e579f960ecf705acb9fc743a04a81e3e555442d143465

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:06 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
514 B 173ms
97ms XHR
application/json 52.31.83.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22724e89d25e3328f%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.ukr.net%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22300016%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2212cf7269-8766-4636-95ad-dfb4ebbb7fb7%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22321047a73e28a4%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22272947%2C%22tid%22%3A%22a084f6ea-4b28-47a0-9cfe-22686fec5025%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.83.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5d53014b5a05801d3e4229cd877403c2271f942bdccc53ac86a6fbcc850db59

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:06 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
514 B 181ms
106ms XHR
application/json 52.31.83.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2273fb15e9b6e91ad%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.ukr.net%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22300016%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2212cf7269-8766-4636-95ad-dfb4ebbb7fb7%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22335159ef57a88b7%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22272951%2C%22tid%22%3A%22a084f6ea-4b28-47a0-9cfe-22686fec5025%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.83.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f740d439372834e01001cee32453acfa98ec4202a370649a36b4d17ce18c0232

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:06 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
184 B 125ms
94ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=42472609579
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
date: Sat, 20 Nov 2021 19:53:05 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 594ms
243ms XHR
application/json 2602:803:c002:200::42
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=12cf7269-8766-4636-95ad-dfb4ebbb7fb7%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v5.20.0&x_source.tid=e6b9d12b-de01-4d97-80b0-2d06becaf102&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.516847464651438
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 391acc74ff31aa01e35abf4f5b8ba4dca16c9970d989e7722dbbf76e3157243d

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 19:53:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 506ms
154ms XHR
application/json 2602:803:c002:200::42
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=12cf7269-8766-4636-95ad-dfb4ebbb7fb7%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v5.20.0&x_source.tid=a084f6ea-4b28-47a0-9cfe-22686fec5025&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7640022241959554
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f4e9c68d97ffc00830443ddf06e1f2cfda681916fb6e60c5fa0554349a575e19

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 19:53:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
501 B 100ms
73ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Nov 2021 19:53:06 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 584ms
232ms XHR
application/json 2602:803:c002:200::42
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=12cf7269-8766-4636-95ad-dfb4ebbb7fb7%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v5.20.0&x_source.tid=e6b9d12b-de01-4d97-80b0-2d06becaf102&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24838822722772824
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 52141f02f851bd66188b313a1250408d6331fbcb0f8a716cdc3f0779349e7ea0

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 19:53:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 496ms
135ms XHR
application/json 2602:803:c002:200::42
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1832306&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=12cf7269-8766-4636-95ad-dfb4ebbb7fb7%5E1&rf=https%3A%2F%2Fwww.ukr.net%2F&tk_flint=pbjs_lite_v5.20.0&x_source.tid=a084f6ea-4b28-47a0-9cfe-22686fec5025&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.289668525634978
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: eb26611a993b92c1dd1ed7b7da8961a9e52fe5db192badd43b5163e99ca33a2c

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 19:53:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 481 B
472 B 241ms
67ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: c9bf666f7c04b8aa9aa78e82d97f1468669f057d8e6be3aa82ce8de87c474d58

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 186

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 459ms
435ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2347dfaae7a4e2375aac32c9b282f1f3e322ccf858cf9f07d882ae1808c90cfd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Nov 2021 19:53:06 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e1a95bc1-7560-4eb7-8841-dbc8c73025da
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ukr.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST prebid.1.2.aspx
inv-nets.admixer.net/ 0
0

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
907 B 349ms
134ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 92ms
54ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
330 B 129ms
101ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2265af6870522df69%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ukr.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22660766f06690563%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A145%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x145%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2268b46650dea637f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 879fb3218358aef9d38909e776c6a72d0d4ff5ccc2313cdd1cdabe169bc9e69d

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.81], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.ukr.net
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 730 B
636 B 131ms
67ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463287&aid2=463288&aid3=605039&aid4=607661&aid5=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 524e98a2efc931b6ab54169e186c838abf02049b5c21546d84d2b2648ba3669c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:05 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 350

GET
BLOB 200
OK a056962f-7c51-474c-b541-64183710d161 Show response
https://www.ukr.net/ Frame D1A5 16 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ukr.net/a056962f-7c51-474c-b541-64183710d161
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb682e06c3bbcb8ae56688fe7e05282dede4fdefb3ac4099ed78fb6f1970cc4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 16

POST
H2 200 z Show response
s.znctrack.net/ Frame D1A5 102 B
450 B 118ms
38ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: ae8b0cd07f0ad0bd016c9e04689d9a28421969203fc7383d3c0890f04eed549d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
Content-Type: text/plain;charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
DATA 200
OK truncated
/ Frame 1071 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4278934221c3880f09cccf46170071ab43fe6ecf37c60b6a87a0f4b6d2a315b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1071 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bfefe36da5d18dcd93d65bd24cc4e5fc186980ab5bce87c3e5c87cb34c07e8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 m_234ub5bcohotniki-za-privideniami.jpeg
kinoafisha.ua/upload/2019/01/films/8704/ Frame 5855 25 KB
25 KB 9ms
7ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2019/01/films/8704/m_234ub5bcohotniki-za-privideniami.jpeg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 385cbb49555e22cb38eb44e56d74fdf7d3682b3c378111f323820d321e05db99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 29 Oct 2021 13:34:45 GMT
server: nginx
etag: "617bf875-63f3"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 25587
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 m_2329dql8moi-sn.png
kinoafisha.ua/upload/2021/10/films/9685/ Frame 5855 75 KB
76 KB 14ms
13ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2021/10/films/9685/m_2329dql8moi-sn.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 56751dc1a79890181a29af4d4326c58d2c2fbdd9b2648b19d49ba7da79978091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Mon, 11 Oct 2021 12:00:51 GMT
server: nginx
etag: "61642773-12d82"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77186
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 m_235kb51bagnec.jpeg
kinoafisha.ua/upload/2021/09/films/9675/ Frame 5855 18 KB
19 KB 15ms
14ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2021/09/films/9675/m_235kb51bagnec.jpeg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7955064620c7cca738c4932182e628b437833059a312ac58b8960bdbb4e9f154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1637437985549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Wed, 03 Nov 2021 14:53:01 GMT
server: nginx
etag: "6182a24d-49b8"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18872
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 43ms
25ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210124
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx330e5abc33664036b2284-0061961d53
x-amz-id-2: tx330e5abc33664036b2284-0061961d53
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiLYuuMW2p1EG2fSudp97XNB8yaAvWtcWAGNDO1pX5OFiroqcrERyUE%2Boh0%2FZ2OiWiXUiiSctXDFUJrzgnayzCLJzS1EKkO904CDj6jHiiyX15dF7Fj4ZJu9p%2BObwnSZixihK0cRHBqzHDEv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b1438f53d9bd729-FRA
access-control-allow-headers: Authorization

GET

csync
sync.adtelligent.com/ Frame 335E
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5ac6b46-4480-4e24-b9a0-135118eef41f

0
0

GET csync
sync.adtelligent.com/ 0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 161ms
49ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 102
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7F5A 6 KB
3 KB 26ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
532 B 7ms
6ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
etag: "58259822-13e"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
content-length: 318
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/1/ 10 KB
11 KB 13ms
12ms Image
image/png 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 11 Nov 2016 10:06:25 GMT
server: nginx
etag: "58259821-2962"
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10594
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
580 B 13ms
12ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
last-modified: Tue, 04 Sep 2018 16:19:16 GMT
server: nginx
etag: "5b8eb084-16d"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
content-length: 365
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
684 B 11ms
11ms Image
image/svg+xml 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
etag: "58259822-1d6"
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
content-length: 470
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 currency-logo.gif
upst.fwdcdn.com/img/portal/commercial/ 4 KB
4 KB 12ms
12ms Image
image/gif 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-logo.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: d4792f6e3d8b7c64f23b2f0390f07f2bff9f96738c0d68187628f2c34dba842d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
etag: "58259822-f41"
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3905
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
474 B 6ms
6ms Image
image/svg+xml 212.42.76.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.76.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv253.fwdcdn.com

Software

nginx /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
last-modified: Fri, 11 Nov 2016 10:06:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "58259822-bc"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 188
x-xss-protection: 1; mode=block
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 10ms
10ms Image
image/gif 212.42.76.247
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/77/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.76.247 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv247.fwdcdn.com
Software: nginx /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/77/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 11 Nov 2016 10:00:06 GMT
server: nginx
etag: "582596a6-1ad2"
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6866
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7F5A 22 KB
7 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 17:49:06 GMT

GET
H2 200 bannercode-2c3d41a0.js Show response
trafmag.com/ Frame 7F5A 9 KB
3 KB 22ms
22ms Script
text/javascript 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/bannercode-2c3d41a0.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

4fbd98e7fa537367ac7ae091808961ccbe8d204e6eb2fb3cf57dba2d8925bef3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/javascript; charset=utf-8;
content-length: 2979

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F5A 119 KB
37 KB 67ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F5A 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4EHTNhGO-wwwg1HBlosYSxA122cGGVujrfuKmFsAhhXJnhasjlt-8rC-q9mVILwIjshLt74S8uD1aMnNvDmsH5l62Og_ChVaLP9N6Nq26sXDE9jevt7B15epxsvB7DUUy2Q2svLu_XY0EGehlOSagLoZ3rmoQC0JvHys4gM7QPevSFcg8WcHbABPRqJFuzoEFDEF0j6qcpi9oDBDuaPD8DEOJjiHHYtcrbmg7irUEUsgCQ7Z5yDUurOFMOVGr5btH51FG1dw0xupsHBpJ6mE6YAXaGHNBSl_MWSVbTcRn8PgHoxwr0TUxKJQ&sai=AMfl-YSJ77jxUnXfC1DHUIRFfA9WZdU6QcG-BnZ0At2-XdyoE58H6oUDwnrpuYReDNS-fYCvRIItXq0o2UlDTDllKndB4-81K3AzFWEwIU6twv7rAAJ6R7_mIH9kTCpTUPzi&sig=Cg0ArKJSzEHdi8MR3cu6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H2 200 style.css
cs01.trafmag.com/banners/rozetka300x146v2/ Frame 7F5A 3 KB
3 KB 94ms
21ms Stylesheet
text/css 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cs01.trafmag.com/banners/rozetka300x146v2/style.css?rnd=778
Requested by: Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 78a950d5468e108a83fd66bc5394400365b46f9645c742b24133c53100f558be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Mon, 30 Nov 2020 16:30:02 GMT
server: nginx
etag: "5fc51e0a-c95"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3221
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 main.js Show response
cs01.trafmag.com/banners/rozetka300x146v2/ Frame 7F5A 6 KB
7 KB 115ms
42ms Script
application/javascript 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cs01.trafmag.com/banners/rozetka300x146v2/main.js?rnd=778
Requested by: Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 528cda079b4743d154dba29ca5608946877e132a95c35602cfcc307b2f5303c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Mon, 28 Dec 2020 09:29:02 GMT
server: nginx
etag: "5fe9a55e-19cd"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6605
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H/1.1 200
OK afclid Show response
afl.rozetka.com.ua/ Frame 7F5A 0
407 B 77ms
17ms Script
application/javascript 193.200.64.15
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.rozetka.com.ua/afclid?rnd=0.2975064312094027

Requested by

Host: trafmag.com
URL: https://trafmag.com/bannercode-2c3d41a0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.64.15 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

affiliates.rozetka.com.ua

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 19:53:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
P3P: CP="NON DSP COR CURa TIA"
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 0

GET
H2 200 logo.png
cs01.trafmag.com/banners/rozetka300x146v2/ Frame 7F5A 5 KB
5 KB 94ms
22ms Image
image/png 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/banners/rozetka300x146v2/logo.png?rnd=1
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 1aec2bdc267370ccba729825eb4699cba852cb311f4469dfaa209683c7e48e39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Thu, 28 Nov 2019 14:32:03 GMT
server: nginx
etag: "5ddfda63-13fd"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5117
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 9b79014bfd8a9de72b0795d72997096e.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 9 KB
9 KB 114ms
42ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/9b79014bfd8a9de72b0795d72997096e.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 6192d1726825bfa203787c968d0f3346001929188e501cf3941cb9862bc779d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Thu, 18 Nov 2021 22:38:02 GMT
server: nginx
etag: "6196d5ca-24d1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9425
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 2884d29bb103c48ee77987634fabb65e.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 5 KB
5 KB 114ms
42ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/2884d29bb103c48ee77987634fabb65e.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: fb8c0eb6d06b539f1c18c6e77ee6a674bf5b9ec8ac878dc5b031575db9a8b5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 10 Apr 2020 07:28:33 GMT
server: nginx
etag: "5e902021-1200"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4608
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 7789b5798f9895a283fe49db1a494103.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 5 KB
5 KB 115ms
43ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/7789b5798f9895a283fe49db1a494103.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: f53fd5f6c65409a7668fd99a516201a1caf6fbb4a4f846ca909c3187ad21e307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Sat, 13 Nov 2021 06:38:02 GMT
server: nginx
etag: "618f5d4a-132a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4906
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 3d109cd10229dde9aed2873c00b54f54.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 7 KB
7 KB 55ms
54ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/3d109cd10229dde9aed2873c00b54f54.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 62f25591390dd0d01f7c985879804345bf0e2da10c6c2cae3ae04501f50e7efd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 20 Nov 2020 22:38:03 GMT
server: nginx
etag: "5fb8454b-1b9c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7068
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 2b07ab25f6f5d6cebfa526728a829cdb.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 13 KB
14 KB 57ms
57ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/2b07ab25f6f5d6cebfa526728a829cdb.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 51bda33e8edc0c3b515853c9b0939249ce80a7e2ad65ce4833150cd2e015c810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Fri, 24 Jul 2020 06:37:02 GMT
server: nginx
etag: "5f1a818e-355e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13662
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 e7dcdd174cd2374355c01bd294037379.jpg
cs01.trafmag.com/images/posters/ Frame 7F5A 5 KB
5 KB 58ms
57ms Image
image/jpeg 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/images/posters/e7dcdd174cd2374355c01bd294037379.jpg
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: 4d5f5533bd90ab0d5574bf73a222361c8470b1b331611a237277a5e4aa23ca78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Wed, 10 Jun 2020 17:38:03 GMT
server: nginx
etag: "5ee11a7b-14f5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5365
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
H2 200 bstdc23ff2a313aed92bf9d9daafc7cce99.gif
trafmag.com/ Frame 7F5A 43 B
205 B 14ms
14ms Image
image/gif 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trafmag.com/bstdc23ff2a313aed92bf9d9daafc7cce99.gif?site_id=1672&informer_id=0&rnd=1637437986326856266

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
cache-control: must-revalidate
content-type: image/gif
server: nginx
p3p: CP="NON DSP COR CURa TIA"
x-frame-options: SAMEORIGIN
expires: Wed, 01 Sep 2012 11:11:11 GMT

GET
H2 200 link_dot.png
cs01.trafmag.com/banners/rozetka300x146v2/ Frame 7F5A 95 B
266 B 58ms
58ms Image
image/png 195.191.235.70
ROZETKA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs01.trafmag.com/banners/rozetka300x146v2/link_dot.png
Requested by: Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.70 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: cs01.trafmag.com
Software: nginx /
Resource Hash: c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
last-modified: Thu, 28 Nov 2019 14:32:03 GMT
server: nginx
etag: "5ddfda63-5f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 95
expires: Sat, 27 Nov 2021 19:53:06 GMT

GET
DATA 200
OK truncated
/ Frame 7F5A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87e776fa630daf9132dfaf2526047622ab91c4b426d5e7c4291f9257c497910b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF30 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame DF30 2 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 18:07:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 19:53:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DF30 1 KB
880 B 27ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:44:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF30 0
0 48ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDH5NIVKZYeWvM56W3gO_wLrwDeHpoMxm1IGHqKkNmrTC480iEAEgldSZH2CVgoCAsAegAdzfytwDyAEJqQLHX47EZ-2yPuACAKgDAcgDmwSqBOIBT9AAVRlpR8XwNRHBIgZlmYnOKLwi2vdI7uq681ZOZo-xg73HWl9Dx_REdtZ__5ZKw4j0alm1sSC13Qx2UOqwBH7Odzmd2GSDbUpimCHbz1tyuXx2qy42lXNN0pdpx7rEWc669dWwSPHN3mCZFDtx4BxWbMjOOYiHcMN_1A2OJtsVwHstwjHC6kxDkKFM9PQBZPjuJvnBqnW_XiXJQv_-CcSbhVKVyAj7MS42fZs-gACz6ct3wQtzHQ_mZ9KRGmSjbY5DFQRiswA0hVIlsBKqXEnSUe-5TRP3Mx6_ZkIMRhg2rsAEyf-sxsgD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4ygtSOoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQxrUn0ggJCIjhgBAQARgdgAoDyAsB2BMO0BUBmBYBgBcBshceChwIABIUcHViLTYzNTcxNTcwMjA4ODE3OTcYnawV&sigh=kbGRRdT5muc&uach_m=[UACH]&template_id=494
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame DF30 19 KB
8 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:46:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DF30 2 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:49:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF30 119 KB
36 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DF30 15 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:41:52 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame DF30 27 KB
12 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DF30 12 KB
12 KB 39ms
13ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQKdvImrNraX8edSdIG1HdixpbHR-40J3NySqdjA0wrpEAczzpxhWn8DhCO7Q&usqp=CAI

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59dce15dbd4a9d579b4e9cae2cefc03c018304dec96e42cd6469abb7ffd69885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:39:26 GMT
x-content-type-options: nosniff
age: 141220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12422
x-xss-protection: 0
last-modified: Sun, 14 Mar 2021 01:59:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Nov 2022 04:39:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame DF30 13 KB
14 KB 43ms
6ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR_Wfv318pcew0D6ew-3wxFqyks7c1GmUu_MCVyHeg--q08AH9G&usqp=CAI

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148b065affd027985c2d0b09b920cfdfd9383b5e58a875821bc75ffaccde4a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:48:24 GMT
x-content-type-options: nosniff
age: 104682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13521
x-xss-protection: 0
last-modified: Sun, 14 Mar 2021 01:15:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Nov 2022 14:48:24 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DF30 25 KB
26 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTOU90ar6-VGFJsnk104VTHllJYCM-7zgYqqkHqPyevqZx6GFXRw3OsyDbWHA&usqp=CAI

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021c33bcfa8fe7e8f01ba82b95b913b209dd57a8c0b42e70113875c12a85e7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:17:55 GMT
x-content-type-options: nosniff
age: 272111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25996
x-xss-protection: 0
last-modified: Sun, 14 Mar 2021 00:34:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 17 Nov 2022 16:17:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DF30 15 KB
16 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS7xwZYOS7yuIVstYg9WtC1xD13i_VzHi7nqpxxf2alLQggR2GR4hsCfmyEFGw&usqp=CAI

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c21cf338228f8bc7e18aaf002b11135b4890dbaa17578e56cfca18271e4ab288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:40:03 GMT
x-content-type-options: nosniff
age: 317583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15579
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 02:02:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 17 Nov 2022 03:40:03 GMT

GET
H3 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85C2 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F5A 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUrjIHWImPYoIVAYI7QezPffTNNFsfm81zIdnMNroao1ENWfI9RUdS7_tpYn0pMbHml7CYu78Vdt6iSakKsGiBj1CVo-jJ_2-OS4EqjWxb6eyPNZd4muRE5oYLe-ph8lTwuGm1CbCbQ8IgGbD0pIOUTOd_-kOzTm4hsW2zi0m9seYKui68JX9KU5ETIQjoCRGjqoEIA83TaNLGwiRFVf4NBB6R_31vK7w7plY7fWhuKuDKGkm66j1Oh74n-swwR5hcKHWS5nYIqGDqxZZnDg0YBS2kxswUb1Jmykp3kfSNQM-n3JFuyieu3o_Lqg&sai=AMfl-YQKzcjsyz8cETkq6Q2mFAmIMtXR52bpMUJAUJDtS4c6X-r3ld4qN5M4orVqWEb9FqvZ5Guj_DtL2ctiCpkAPEb1I5wMiHmXUjZ3OW1uTlpJqodmlJtTsBrNxW2HeE2q&sig=Cg0ArKJSzDh7At0rvcvoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
DATA 200
OK truncated
/ Frame DF30 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8240e41b521ae8868075194126f9fd9be1ee2ed8108eccb18095e1ccfc9b6bc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame DF30 20 KB
21 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 295387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 09:49:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1438 0
546 B 43ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNXUP7jPhDCJFgS1tmwLptexRiM_-iIsDCl3afSffC1KmKIWUCtxAP3ZzVwxE4OpWfn8uLgEhPYjGYwHq6kR09gHUZv8Tg

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 19:53:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 19:53:06 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 85C2 72 KB
30 KB 75ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL0Xw_Tq3S6NwqM-e5omtyuBWK0HkvtozVIYTa0lIWfrGfeLZyH5fVxR8Od68Qdk6CcFKJyQerhSLnpGR8q4mHFuJgCNuE9YPr2jYBd0i7E9VZtjzq74OG7FJdb9rlqTVKPyBWiChUcCq6hRmV3TK-s7zKTw&dbm_d=AKAmf-An5xuG3IugY_cwuftBxMXcWyJXuWMKDNs9J3Uv0BWSY7ebZdjNQ6PFDPnfR5bicQVVrkvgW_OYBW8NjtCO50-3NJkooqCF5dsKkSt3R1Gwya4ckvIL1Olh-UewUybOJQ7agObDSJRc-HOYyvlmvzcjJDOuBGdvY1-5QMOTwNLRMR3hzt26CDUlcXfR7kFju2e55x2xdD_7wFXnOilDixiyVteQGXTsoRqTzL3Clqz8WOV0tyNf2pPdgK3gMGO2ncu9UI5vvQ0mO5JFeBLAIr0ZuLGVnwZHCIll_sVhCvcuW58RCtF-X4NVqEklnJtSvvKUHoXMIqiLvcmZ7Krw6UvLorsLh9kXiOkHrigQnG6ehpvK15mebmBLZpuQJSBiGnoeP-uEIuYhnxxQORKkJ65W08s-ZzUJDTUTovXMuORgSmBO_g4dPsVlUhOJrCWiQ-IFNBaNYsS2VZPau8pjz5_i4iQ_O1C3srkFy_Ki8oucGG7M2dwiZ2nJuGzGyiOADlyc8fFcHEq6fjWIvmugquGrvX9w2PCnzcOBy8p8y3m-_PXcU0Ya7BgfpTtAjdCSABRNOUrk7tkPrQTcNwTjvtGg2uFL9Lwi0HgQ2eaC6R0JY8EUYWkjuTSu51-0jsLx8nZPHetMacuf6JthD1DTHV9xLNh8zkv5evX9254zQvIonceakDx20Got5vIeTdXCFIt_gloX0WVdmc8I4cCWjt4ZrhFFy9IWm5jyYhhpuHb7GcESQsNGVX8T2RiW11QLpTTcz5a7lWzU-9j8l_AuCQPu2805j1QCX5N9_ADmvdC565q-BPl7BsRRHzxn8uweNDES--lWjOk78vPIK_YmlaXDFbKfv2QhBOURC06HhXWGd8M-tTwnJwce20ZKgVwthYguUbey5NVeCKkN29y3AGhM8kXIZWEvA4L3_UPbUhU8Jn7bNB6NpAC9v_7VvZ0xY4y9rJ6U7BjMYHyj74Tmc_dhQ2JjsJ66DpeyL1DQHKGdopFui7TvJ-4QyMGwhbeWDBJ8BFVwGpg6a-pXJ1HAKCVljW1hy96MhSWLDLx_XEiI4IoM-gV74BKEJxLSBj0ev34pMKe3F6tLFaRSUcxJ9ToGl0196gqVTPY3A9AzdwYIIWwmFvFeyiWllLeUdWOhWRpV7rcniAx-6afeQohYUcR3mebSr3t5QiZNODhBEM6IQcGh8y0FtgQzgHZpuO3DICu1_xvVpv2EbQP0ppQM14yBhbt2uQ7l4sIDSqxlkcaVKUDIqod6lHvhKGAZg34hzt7keMz0pWhx7vwZdm7imCj7GzcFIBk9asmzNKQkuG3wOvB8FJESWkNvAC9S1grksZuEKOWxcALx1X4o7VJVkZ8wH9_84cYBXmG7LCKVf37I23TdSUabxLOn0rYrvul83WjnYKHpbgfY8No7787mSPwnPv2gDweZTKSyJvdk0QEmDSQIwtLOkGQ2U_h-6C2zB-eleG_i3x1tzbRFmeyw38uDsbfOHZrgjzne2VD6C9CW-X4DY9Y2-9tuwv5oWdhpY7XoUz8N5OSfpxLPVlLa-rTTLAIkMf6dM24ZGpsK1o-zRLFQ7-yEQeYRaf7Mr4vVcVGGJxrGCqLwiQ3GdZObrLgRmjtKsNUKBScHNdTTFrFJdp4BWRQ4r8zUMQ7WIOGT7RwOmOXGSoK_d7_x2abgUlZXry8bt5w1cRAnlDdI7OsRNyDItAil59Jy-QAbq2J7jpKV40PLd1wdreOatUMvz7oEtnavULV0pYsp9t9O4LMZIYtig_l4LWMOL-TW9c1el0HzrI_LJniMLZLeu9_cSN2Rc68OOKLDrYDKU2sa9QeB5r-pxFMufgkGEpZDd7y7wgVIgS0yFD6f07Eqp221nUO5Hu44ZRrI0IDCQwAfifVN1zcAbcWKIx3NJHmBxnbRmBT4vtI_K1q55YxoZypU6bninIaD9s2crZKvZLlh3Yzf3Hz97kxnGg6OYOi15VhEpgvX8-JY0lcF27ARd1re2Z750gWlTiRTSlWP9XBhNrU5eTcWFuPAATEiLv0TmIPAWTopXkoUWUkW2OJpdwL8TDz53byZbDw2Ox9qRTndS9bN4eeQbyMQrYYsivjDeTz1cEoX5BgphuTvDRlWDFUmsAtX35H1zUuw2rLkeGqZxpUJ_v4uFjH4KadCg9BlEvFqsu2HvGDM9Eg9iWpnqWrZ_P61wWdDlP1GOzOLoNMEuJofFt6HWiVmHBNE6TeocV0g_A4YaPzgfhQnhtcB7lfxAUWzX4pWYXoaO3aZBsP3-V8s8AH8crQyeThKXEuGi-lVn98y37xmpl8FtPdetkEu288IZ8Bfpptw3cEtnV3nXYzgOw2Se62qUiTOdsf-SnfCbynoV4ElgRuyAIyfCM86bYTqMOt6zATiDxp4y2VNZQkj6RjPvUUBw34AeNUWaSvPn5Tayv-Az4G7rTUP6NLRki-DlCPvmqXEMfxT1lhQKViuHCBBnZaYpO3Od0ZR6l0fdeIyBcJz4-DKyBoi5aB8W5BZeweqojDn-bsqVf7ojEIz7Z-SA2OxtSI4CbAy37kPKjyL-igSwWHC7bisDsEgC7YpB1rKREaC1o-iZv3z1zQR0vyvPpTKE6ep9Uu_sEdd-41PEUWI2bMuvbF-QHY8GrX1yt9AOSMrsbBFS1SLxO93A8aSBrp30igYTxcO6kofYTi63jkyEw6imYneYYHV4OT_tZBNnqnwCZrbTTdnGnC1xcS04Gj6rTT3WBOiJ3V_HssD0MmRMn8ui6FAeNJcdly2zTWBSo3SuexA_WIhfpxbm6-tH3QjUNUGRhSA5253xnelw7vfFbAyGKEUGnwTe8AEoJ2DqnkukzVhdu3YIzdYZPed7Eh9pD3HsHu9TY_C4JbwJFyDACwJu1-dCO54m3HcnX5LFNlHrHDQob6UbiDseMS1BmdpzbsQflOWVF66yV-BMGhbnhNK_Ght5eDwN3fMN12PxYPhswDFfW62Ck84BeXi_BacNc5IUsNC_TF7VzTs5OMVoP_rjObY3x76bvfbVpH7kQPIhkWg-VDrcy5UWPzstyfi30jttJtqJ6oMO7yS708MEF100BopsWDjn-ZeS1VUv3PbBMpSeg6y4gntWUFMbzHPrQrzP-1gNsUE8Td4egViekbF2eNUumN5sI_RetCR9UkNb_AFbRu8oZ0V_ztG3fByLBd9IRWSj-fajWkYGm_ooPrAQXY_br49OkNYDzAcGK_tRqd_SnOq_u_T5x3I674nHicH26d_WicOqV9fQ-E_Qk2NubLyV9Eu9rUiJlE0wA&cid=CAASFeRopPLSc67uf_7llPRBo7P59iLwvw&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74efd3bd783ca864604e4a4930745d4bb989f6b693904cc2f853cf51555fad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30692
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C2 42 B
494 B 64ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABO9UfwyDQA8-NVtSwsQkuC5N0L6UbjwAWoibYArTlKUAuUvk2MG50bWx7gFVprZS2xd_VDgnsW9hqteJ7iNn1tFj3ByQNcll6J3vnc8gFvZmXJ3g

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 85C2 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:49:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85C2 119 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 85C2 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:41:52 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 85C2 106 KB
38 KB 67ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Origin: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 85C2 8 KB
3 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL0Xw_Tq3S6NwqM-e5omtyuBWK0HkvtozVIYTa0lIWfrGfeLZyH5fVxR8Od68Qdk6CcFKJyQerhSLnpGR8q4mHFuJgCNuE9YPr2jYBd0i7E9VZtjzq74OG7FJdb9rlqTVKPyBWiChUcCq6hRmV3TK-s7zKTw&dbm_d=AKAmf-An5xuG3IugY_cwuftBxMXcWyJXuWMKDNs9J3Uv0BWSY7ebZdjNQ6PFDPnfR5bicQVVrkvgW_OYBW8NjtCO50-3NJkooqCF5dsKkSt3R1Gwya4ckvIL1Olh-UewUybOJQ7agObDSJRc-HOYyvlmvzcjJDOuBGdvY1-5QMOTwNLRMR3hzt26CDUlcXfR7kFju2e55x2xdD_7wFXnOilDixiyVteQGXTsoRqTzL3Clqz8WOV0tyNf2pPdgK3gMGO2ncu9UI5vvQ0mO5JFeBLAIr0ZuLGVnwZHCIll_sVhCvcuW58RCtF-X4NVqEklnJtSvvKUHoXMIqiLvcmZ7Krw6UvLorsLh9kXiOkHrigQnG6ehpvK15mebmBLZpuQJSBiGnoeP-uEIuYhnxxQORKkJ65W08s-ZzUJDTUTovXMuORgSmBO_g4dPsVlUhOJrCWiQ-IFNBaNYsS2VZPau8pjz5_i4iQ_O1C3srkFy_Ki8oucGG7M2dwiZ2nJuGzGyiOADlyc8fFcHEq6fjWIvmugquGrvX9w2PCnzcOBy8p8y3m-_PXcU0Ya7BgfpTtAjdCSABRNOUrk7tkPrQTcNwTjvtGg2uFL9Lwi0HgQ2eaC6R0JY8EUYWkjuTSu51-0jsLx8nZPHetMacuf6JthD1DTHV9xLNh8zkv5evX9254zQvIonceakDx20Got5vIeTdXCFIt_gloX0WVdmc8I4cCWjt4ZrhFFy9IWm5jyYhhpuHb7GcESQsNGVX8T2RiW11QLpTTcz5a7lWzU-9j8l_AuCQPu2805j1QCX5N9_ADmvdC565q-BPl7BsRRHzxn8uweNDES--lWjOk78vPIK_YmlaXDFbKfv2QhBOURC06HhXWGd8M-tTwnJwce20ZKgVwthYguUbey5NVeCKkN29y3AGhM8kXIZWEvA4L3_UPbUhU8Jn7bNB6NpAC9v_7VvZ0xY4y9rJ6U7BjMYHyj74Tmc_dhQ2JjsJ66DpeyL1DQHKGdopFui7TvJ-4QyMGwhbeWDBJ8BFVwGpg6a-pXJ1HAKCVljW1hy96MhSWLDLx_XEiI4IoM-gV74BKEJxLSBj0ev34pMKe3F6tLFaRSUcxJ9ToGl0196gqVTPY3A9AzdwYIIWwmFvFeyiWllLeUdWOhWRpV7rcniAx-6afeQohYUcR3mebSr3t5QiZNODhBEM6IQcGh8y0FtgQzgHZpuO3DICu1_xvVpv2EbQP0ppQM14yBhbt2uQ7l4sIDSqxlkcaVKUDIqod6lHvhKGAZg34hzt7keMz0pWhx7vwZdm7imCj7GzcFIBk9asmzNKQkuG3wOvB8FJESWkNvAC9S1grksZuEKOWxcALx1X4o7VJVkZ8wH9_84cYBXmG7LCKVf37I23TdSUabxLOn0rYrvul83WjnYKHpbgfY8No7787mSPwnPv2gDweZTKSyJvdk0QEmDSQIwtLOkGQ2U_h-6C2zB-eleG_i3x1tzbRFmeyw38uDsbfOHZrgjzne2VD6C9CW-X4DY9Y2-9tuwv5oWdhpY7XoUz8N5OSfpxLPVlLa-rTTLAIkMf6dM24ZGpsK1o-zRLFQ7-yEQeYRaf7Mr4vVcVGGJxrGCqLwiQ3GdZObrLgRmjtKsNUKBScHNdTTFrFJdp4BWRQ4r8zUMQ7WIOGT7RwOmOXGSoK_d7_x2abgUlZXry8bt5w1cRAnlDdI7OsRNyDItAil59Jy-QAbq2J7jpKV40PLd1wdreOatUMvz7oEtnavULV0pYsp9t9O4LMZIYtig_l4LWMOL-TW9c1el0HzrI_LJniMLZLeu9_cSN2Rc68OOKLDrYDKU2sa9QeB5r-pxFMufgkGEpZDd7y7wgVIgS0yFD6f07Eqp221nUO5Hu44ZRrI0IDCQwAfifVN1zcAbcWKIx3NJHmBxnbRmBT4vtI_K1q55YxoZypU6bninIaD9s2crZKvZLlh3Yzf3Hz97kxnGg6OYOi15VhEpgvX8-JY0lcF27ARd1re2Z750gWlTiRTSlWP9XBhNrU5eTcWFuPAATEiLv0TmIPAWTopXkoUWUkW2OJpdwL8TDz53byZbDw2Ox9qRTndS9bN4eeQbyMQrYYsivjDeTz1cEoX5BgphuTvDRlWDFUmsAtX35H1zUuw2rLkeGqZxpUJ_v4uFjH4KadCg9BlEvFqsu2HvGDM9Eg9iWpnqWrZ_P61wWdDlP1GOzOLoNMEuJofFt6HWiVmHBNE6TeocV0g_A4YaPzgfhQnhtcB7lfxAUWzX4pWYXoaO3aZBsP3-V8s8AH8crQyeThKXEuGi-lVn98y37xmpl8FtPdetkEu288IZ8Bfpptw3cEtnV3nXYzgOw2Se62qUiTOdsf-SnfCbynoV4ElgRuyAIyfCM86bYTqMOt6zATiDxp4y2VNZQkj6RjPvUUBw34AeNUWaSvPn5Tayv-Az4G7rTUP6NLRki-DlCPvmqXEMfxT1lhQKViuHCBBnZaYpO3Od0ZR6l0fdeIyBcJz4-DKyBoi5aB8W5BZeweqojDn-bsqVf7ojEIz7Z-SA2OxtSI4CbAy37kPKjyL-igSwWHC7bisDsEgC7YpB1rKREaC1o-iZv3z1zQR0vyvPpTKE6ep9Uu_sEdd-41PEUWI2bMuvbF-QHY8GrX1yt9AOSMrsbBFS1SLxO93A8aSBrp30igYTxcO6kofYTi63jkyEw6imYneYYHV4OT_tZBNnqnwCZrbTTdnGnC1xcS04Gj6rTT3WBOiJ3V_HssD0MmRMn8ui6FAeNJcdly2zTWBSo3SuexA_WIhfpxbm6-tH3QjUNUGRhSA5253xnelw7vfFbAyGKEUGnwTe8AEoJ2DqnkukzVhdu3YIzdYZPed7Eh9pD3HsHu9TY_C4JbwJFyDACwJu1-dCO54m3HcnX5LFNlHrHDQob6UbiDseMS1BmdpzbsQflOWVF66yV-BMGhbnhNK_Ght5eDwN3fMN12PxYPhswDFfW62Ck84BeXi_BacNc5IUsNC_TF7VzTs5OMVoP_rjObY3x76bvfbVpH7kQPIhkWg-VDrcy5UWPzstyfi30jttJtqJ6oMO7yS708MEF100BopsWDjn-ZeS1VUv3PbBMpSeg6y4gntWUFMbzHPrQrzP-1gNsUE8Td4egViekbF2eNUumN5sI_RetCR9UkNb_AFbRu8oZ0V_ztG3fByLBd9IRWSj-fajWkYGm_ooPrAQXY_br49OkNYDzAcGK_tRqd_SnOq_u_T5x3I674nHicH26d_WicOqV9fQ-E_Qk2NubLyV9Eu9rUiJlE0wA&cid=CAASFeRopPLSc67uf_7llPRBo7P59iLwvw&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:50:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 85C2 24 KB
9 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:51:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 85C2 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
DATA 200
OK truncated
/ Frame 85C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565ad4275290dffb6d5cd4c4bd1e9c0e1b70b5a256c731452fec2f09d319d95e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F8B6 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 09:35:04 GMT
expires: Sat, 19 Nov 2022 09:35:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 123482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame F8B6 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18419831854861205280/ Frame 3AC4 11 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2082902e7062b5fd5c990b3a2bcacd0b0d5882dbefe40143008fc1ee44b9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3323
date: Fri, 19 Nov 2021 22:38:49 GMT
expires: Sat, 19 Nov 2022 22:38:49 GMT
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85C2 0
571 B 100ms
51ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJIzmAr6N5ttBY2dPtlx9Adt_npDZfzvCj_DSpNlBL10Rz39dg09BbUG7Q6un0H3Hfj14wKcYUqtrI1x3kYQ28x_IrxpG0gsR2qEkBgivuYQ_FxJSvoD95nAX1P5qHnBwC9I8yloE9vCp2KTApwEUPi4gzTk-f8t2_PxQ3UBfH8UH6u7POvin5yjo7A95axckjTZpnlq5LFCbG2z_XsaDerzklXwWAOGkPFWzYaP3-9sCtGYWW8XAzBO-eHCep6taOzdPKteWp27v2c8xHxgyLgyIjWgIME-LZykxGJ_81wqHW_0XVcNjiYQ_2FR44RkoQ86CmbQojQ5Qf9BCtPMgNG_EPb2KfLPGau89o5bdGbNHwH4jjiwUKQhyCYLEUC0TSqOViNkpyPQB7XnT9yA87-FFrwSgRegouU9l9l6W26Hc13ACeAR6YhgNBeCDXR7o1re-6oj9dhC4xHmslQKN_gR22kyJlbrv19NKxswbtV_7bjALYsoAtHPeLwoXHyUstmlNQZ4PFTKS6U6FsvLjsMmxcHDK-EeRvzLoe0D4P8vDwFy8l03pWC8_JFwCkxuILiFcHg_8VKyp1lXe_eXE5032XeVA7_WDysmUIZ5X10y_FKRCEBloFDCEjOI6H_2SLZWdNcoyJN6v_bKt1o3OqvqrxNg0brgF3VLEX0WTKMYClcEVHoOC152W1gtkUd9im_2S88EXDejYls8WVoGRbZkXuO8sl_1dQFBxDKmixW7T7qGo_UUrrpnTmkl0p-2Ne8CIHrMhNZ5VLaJILnJxk0I_KxFt173lRR4D0aDRM86vHcTQ13vpu1ePNaW2v7CI26h6Do_p6Km37PMocyGmoSg4sJ9oe6Ah1DJf5mxAgR4u8lPkwKOKvDkzq8jd-vT50FEkCJ3C5d2FsKl6dz9lHBl3XR0bNp_8AgXXEDPl3eRo2fg7XVNV5TL0ucKNzUU0Xs51r8VpsPKIeztxPX4NrGtwXUPW7EI21CDUQj1f96_tpHoS3yun4hbNi9P1HlgPCoGJvBZoffiWY897peyXPoP-4-fVmYhPNljsmgOI-LSd-NNmS1WVd0DKU6_T6YoDDwPcqqSxJWb4mlUJRsZg2CfEiSgOBps3RO0oiDhyOI3A&sai=AMfl-YTIWV3JEhvj397JH6afP93b1R-W09-0YXQkyjapgMmlpT1IjoMAiYc_pjnnciBieW8BmjCVqQxUE22cnoAP9uZc9uenCzOlNyAe5_GmLR_X10pxxgpZkgHCY4qZtYxr8lQT1qqLupK0EIy6ZXaxBGNsyJ89Y_iqogt-sF8&sig=Cg0ArKJSzGjn4XK_VueBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=81&cisv=r20211111.03786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 20 Nov 2021 19:53:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f6867a8b1d5dc6bc7fb0a326f8df81bb57574171ae9afe99907b27f13230ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2110
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 11 KB
11 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401fbde0c0b0074eb6a6d27ac942f2eb3ab12e40f268aa27f018cf153f52bc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11274
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 10 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aecdfc6cc0c8bec771d350b8c0879782c5460fcb06c82ef6e3e8dca042fc52ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10384
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 15 KB
15 KB 9ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ad24e3f028b0834e96dd461af1e89559a39fc7ec398df71e95ea209db5de152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15294
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4f885b5045d1de22eaf5d0d318f429ae93768a79faf8407e562afcbea54264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2372
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96489bb2b782f37bd6da137d11cc55a930a7aa56cac9b320050319ec87ab16f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1921
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d1e3c4a3a917909aa8234b70de3d3a6cb9461512958fdf6248aff53ba1f0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2318
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 4 KB
4 KB 15ms
14ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c34e93503714a75a72323692db6ab457c30d038983d9a1cbcc929a25ba7a3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3674
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c225520a04224d947879dfdb5e6c6b31c1d433a4fc48b4a53ab238e10b19dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 95 B
122 B 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3AC4 113 KB
38 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Nov 2021 19:53:06 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame 3AC4 2 KB
1 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85C2 0
60 B 43ms
43ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJIzmAr6N5ttBY2dPtlx9Adt_npDZfzvCj_DSpNlBL10Rz39dg09BbUG7Q6un0H3Hfj14wKcYUqtrI1x3kYQ28x_IrxpG0gsR2qEkBgivuYQ_FxJSvoD95nAX1P5qHnBwC9I8yloE9vCp2KTApwEUPi4gzTk-f8t2_PxQ3UBfH8UH6u7POvin5yjo7A95axckjTZpnlq5LFCbG2z_XsaDerzklXwWAOGkPFWzYaP3-9sCtGYWW8XAzBO-eHCep6taOzdPKteWp27v2c8xHxgyLgyIjWgIME-LZykxGJ_81wqHW_0XVcNjiYQ_2FR44RkoQ86CmbQojQ5Qf9BCtPMgNG_EPb2KfLPGau89o5bdGbNHwH4jjiwUKQhyCYLEUC0TSqOViNkpyPQB7XnT9yA87-FFrwSgRegouU9l9l6W26Hc13ACeAR6YhgNBeCDXR7o1re-6oj9dhC4xHmslQKN_gR22kyJlbrv19NKxswbtV_7bjALYsoAtHPeLwoXHyUstmlNQZ4PFTKS6U6FsvLjsMmxcHDK-EeRvzLoe0D4P8vDwFy8l03pWC8_JFwCkxuILiFcHg_8VKyp1lXe_eXE5032XeVA7_WDysmUIZ5X10y_FKRCEBloFDCEjOI6H_2SLZWdNcoyJN6v_bKt1o3OqvqrxNg0brgF3VLEX0WTKMYClcEVHoOC152W1gtkUd9im_2S88EXDejYls8WVoGRbZkXuO8sl_1dQFBxDKmixW7T7qGo_UUrrpnTmkl0p-2Ne8CIHrMhNZ5VLaJILnJxk0I_KxFt173lRR4D0aDRM86vHcTQ13vpu1ePNaW2v7CI26h6Do_p6Km37PMocyGmoSg4sJ9oe6Ah1DJf5mxAgR4u8lPkwKOKvDkzq8jd-vT50FEkCJ3C5d2FsKl6dz9lHBl3XR0bNp_8AgXXEDPl3eRo2fg7XVNV5TL0ucKNzUU0Xs51r8VpsPKIeztxPX4NrGtwXUPW7EI21CDUQj1f96_tpHoS3yun4hbNi9P1HlgPCoGJvBZoffiWY897peyXPoP-4-fVmYhPNljsmgOI-LSd-NNmS1WVd0DKU6_T6YoDDwPcqqSxJWb4mlUJRsZg2CfEiSgOBps3RO0oiDhyOI3A&sai=AMfl-YTIWV3JEhvj397JH6afP93b1R-W09-0YXQkyjapgMmlpT1IjoMAiYc_pjnnciBieW8BmjCVqQxUE22cnoAP9uZc9uenCzOlNyAe5_GmLR_X10pxxgpZkgHCY4qZtYxr8lQT1qqLupK0EIy6ZXaxBGNsyJ89Y_iqogt-sF8&sig=Cg0ArKJSzGjn4XK_VueBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&vt=11&dtpt=78&dett=3&cstd=81&cisv=r20211111.03786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B6 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIbKUIlKZYZyTJPzU7_UPp92rwAIAAAAAOAHgBAI&bg=!2dql2p7NAAZQLpa_UC47ACkAdvg8WuP3sv3CDQ_vzHfqQ4Mv3_gOViUleg8aBM4qGSbtP9NodZMbsQIAAABjUgAAAAtoAQcKAAHkmQLDVCUw5UtcQ3D8A5ML5IJG7hGdfKUhPQNiCEq2VKsrroVW8LaQvWFMIHUET9Od_L_BFF_l8i7HZjhvcJuibHkCKuDqHvEX-UnmAD9bteF-GOTgy-Cdi2BdPjkJerw2kvOyyh2MtesZgTM_dlLTvqhUPB3H1iKGz4vCkIMkzFtG4h1Cs-8WblcEefhd8AUkwifpGDirG1EMD7DVByvDGKhl71hrzmgKChbes7FHnYy6QXk1o_l9VqDSbXOpJYTJVdktSLcjAq6LQmNPZTICcb2jGWFXVGJ8TKbZVM_hMYZ3RfT9ctTSmeyzqeHFXU2UMo3URRHC9h6PM-gYscpwvHxLfhpQdQN3ZIh-kCh5_ilzsZeSjhVsvtE2JEe_4DPz9BmcErP075Txle2IDFK0n5Ery_D5yCo3oaXhg1EZVETHpvHc4-s7eQa-W7RbnQ7H-JaHBBxnrBcU9bUt54FsY0mPaDZ51P2JScODvnrAkGU_U68ZpfFRa3POAeeE7FutEkqXeDvRdN0tlRvSEFVzrN_N_8ReSVhsvExH9q7gDBvVEWo2VfjVFkX48pRME868-nOPf2GNFoEIF_tqLvBkQTfLsGW4NaA5HaD3pwwe5xzLSA5P4rMe5jUVjpahgX3PAT4D2XdrgzH9juIZG2c2f7iLEiRYo43afXql_8iCoX9EIiPhKRhZCjd7D5tqg5-ewvO-LaVzB1SKaJnseNGJCeup5PkvaDHXbBerJclF-YKcId2wfb2yd62ZhcDW6pK8xWuWOzPdzY0K71_V6ONYiXIzi43Lxl8I_nloZ_ZpTF-p1lmRr_81Mgh3Z5y4YqHwGOBO0tEI9DEk83ccW9Mj2vOYwcjCQPEMt2INoVPzo4NXAubEFAtJcpiJm4WDmAYGM8hqOFQGdRCK816jHYrTdXhx60nBbIoOOnJV-uHSwzxBIf86vP8

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
202 B 84ms
83ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 20 Nov 2021 19:53:06 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
37 KB 357ms
357ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2548523090846738&correlator=2905496750933809&output=ldjh&impl=fifs&eid=31061815%2C31063378%2C31063798%2C21068030%2C31061166%2C31063183&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211120&iu_parts=17774365%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x145%7C300x250%2C300x600%7C300x250&fsfs=1%2C1&fsbs=1%2C1&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&cookie=ID%3Dc351823fcdd82266-221d232fdccb0004%3AT%3D1637437985%3AS%3DALNI_MZ0pyXP0VcdJ-3xclwaWiQXfV24Aw&bc=31&abxe=1&lmt=1637437987&dt=1637437987335&dlt=1637437985401&idt=272&frm=20&biw=1600&bih=1200&oid=2&adxs=995%2C995&adys=1171%2C2689&adks=4227265388%2C1469812228&ucis=4%7C5&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ukr.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x883%7C300x0&msz=300x0%7C300x0&psts=AGkb-H-ag8le8PlMQ7lehjSUZe1kyAvySUcJWQxaPLcPHoeJhyCrlWsS6RsTLtKqa1C-18XMksE9YzjUiSU6&ga_vid=1596947696.1637437986&ga_sid=1637437986&ga_hid=341212505&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e27110c6c420711e455f4cd6ef5ad7e1a226e04af67435b67270b88b348122b9

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_F0ezbp_QCFdYDiwod7-QGXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_F0ezbp_QCFdYDiwod7-QGXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38337
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
date: Sat, 20 Nov 2021 19:53:07 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 95ms
45ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 Nov 2021 19:53:07 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 66ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 Nov 2021 19:53:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F5A 42 B
64 B 57ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXyfnsmbpn_NT-A6dJgIFGAvQ--K_wrSG-9VxOsa_CgWZ7PUKruSPGhU0nsFNVKFn9drHJxT9fqzqAjrkeI_nVw9lqq8BKwI6MxvgEETu5pglXjDsd&sig=Cg0ArKJSzGtUy7irKoJqEAE&id=lidar2&mcvt=1000&p=456,995,601,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2005426448&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637437986249&rpt=261&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF30 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCkkKUrCN5kHH8UtxZdtyZ-qgtiujMg-2bGz51j9jzxna2wCZgo0QNZ3b7s4ZLGzF9lm3GRJ1vcBqLsTaSQyxPMyhyWBBXCULlNqqYtn3iX1F9lEmwLw&sai=AMfl-YT_orUTkRkkabBBt8_wvJwL8l75fTqxwTOf546n_oKKjQ3SsRiPYQRPZLgiIksFRtJcgPF88Sq6QUggnVKpQP-JXGeAsleDjwohGH99BOniCMXNFoC8qPsFMndLM-3K&sig=Cg0ArKJSzNDdQV-okWZjEAE&id=lidar2&mcvt=1001&p=89,130,689,290&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1069264500&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637437986439&rpt=136&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85C2 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxNwMHaPjBk_8e6868uBO2w9zcIA7kKCtlYzgenva7KGUpUjRWxjz74L2gzYQp7Gl_ei1-d664t-P54LIQJvVjCEvPLsH8Vwz4sgyCmWyJO1sw3soLnw&sai=AMfl-YTxHRuVf04j37B0cOHJh1LtyYlpjeRDHfpzVgCdKAXEs4_NHw4tll4L7R-wZS9sb2gXREGt9VA53WUXovY-fvciR7wgZRYmeixhzHCxCt_JZlT9Rnzvwm0DhiI5NFWF&sig=Cg0ArKJSzDxAZkeXX3RDEAE&cid=CAASFeRopPLSc67uf_7llPRBo7P59iLwvw&id=lidar2&mcvt=1000&p=196,995,446,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=583682291&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637437986497&rpt=188&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 094A 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2831 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 20 Nov 2021 19:53:05 GMT
expires: Sun, 20 Nov 2022 19:53:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E7D9 0
16 B 33ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWio2M8YUzBAAeDt6yotUbmiWDuYAQzPL9wmxnkESJ3Js--jS_ftaIy87bgMi680WBBWGb8Do-EIkp40nEpqlfCXJ-N1g

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 19:53:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 094A 72 KB
30 KB 70ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIrMEow1ZDdYP76vi0oGjI-mVnZ-T7Qahr_wzgW3QopK-ZFADf36qewZ3jvddLUv_fhZuJZmb95vFZC0ht6URdFKbFb3wQo9c1ZHnMc-3kNpU2udP-vw9BsLkUaqsHCwboRthNPZgy7RLRHsyP1cwDPFwETQ&dbm_d=AKAmf-CwKLA_jEjWebLUKYl8NXdKBGGEkIivG5-AGEFtgYSsDsh06EP2ZIc8G596iUivf4Xr6DJke3gvhXV1tXk7XNMdUUebs7OJ2ZdRmMlfMO5RQ8zIjJAF8FtWVXKahoL32F_E3uc2b0tJ98FfC4BcpC-CzErSRPqDOKGCTfUtK62JM7XcwWVIiLP-SpbxAHGn5SBmHq4x1UU2Q-jBoe-NNGLjWpSdG0towz0MWkoK-1mSI02_3XaNyJxwW5fx_1Tf2_wqbKbQUqryUAaBPgDpvHruG2YNn7T-jcKf2VEyMuz67BAZ7fwRlHuKIVsfmxC44E0eHI4PDLIDiP1vlMiUQZ3wzJZymSGS_0IPlQk5ebUHkxbmvXDP9Xk0imwvrq4OqvhhTgPCtO79hQgg2gFnhgS6QhbxyzMKuV-ZXDWI9Qfy-CMG5hcHtBSDnzIqVvkhxrk1tZwwnM7Gct5D-Q3bt4lB4YJ5d3R67XmppOuBRiwVAE5MOABaZyrUsyqV6yg5mp96GqZafzqDVInBe4oAYPaP1ZBrWr88O4mKF2EBtaJH9DBc5IedPiSlQgL-nxnUJrHmTk_tA9OGshYtnLvpjoqJavFz7Jfk8kJiExBhbn4bYucVEKOtZnQyhKjW__xr0alYu5yKufn6I1pG8eLAn-VbzPjGGLZriWbj9HXEFn5YLwQcsgyoG6yfpVHyAMJD0wl_J6alHU3YeTl_QGcHr8SKdu8jVhQhwRF5QAM6STIcF4uL_JRr7875BVeNttVRBpk2H8sC_07FwcBsy013ampA7TQdflGv_spm3SLWzBDy0SxGFW0X2UR5_t7iVUN5F6bReypGOOSy2GuFjbjtIaYix0YVmzLUsP2KlcUM_FqDcS9FUJ9oUHQ0D5sBdhUqu-Sx9ngGL5ojvjOj-BOg-qsTHzCO7_ZfxJNeIyiFx4fnWNlNv2KOXpsYy5xFf4rzsBv-3v7xII6vmlpWnkHyQ_CyraKk-y5P0Ctg41pH6JtHMYakTrdVxlISZiB75oP9vgjk0-Ioz5UScEBUFehUzajetRKGYMXOBMepKLM-oeRC-cAcvcjm0fI4EB6O5qPUbWXBm4o1QZCDXGoElcwBfyvi-YRFaS0J2koFFGj8de1Dkc92AQs7VcFWA5xI0gELT99C-Ri0y7dO_k4p8PUjAMKBcWRa8nMokdO5CLhtF5yonKvIpyI8dDHJUiT2rovwn-CsYNcT2jyxnUSVfdkrOGv49td_pPdfpZNwST4-KhbE5ceJ_YF8BGB-mK3EtQyfydbQ-wmLTa_f5oXf4mcMM4QD6H0-DNeN3WSNZ4T-fhoqOBE3b6aopNlujjO0Uhp_sxKvdFptiEWLdy1T7rH-P8mZqTeGxoDA5e2mG3vBG46BwhAbGVz-9DHCmC5a3tMJEoJjNpua3E8smXPortEXQ8UTb1YJXno24SMyqb_eiXLpEJ8ycAfpH8WNZa5C8hPoj9ljbhbGNyLRWe32EIUimXJoycdpvzq2ff-gM-l0fF8Cf4KbUSyXDsgqDmehub0Ls6uIla7qIE3Na95cA2nJrfWRR5YEvWFs2A4pWH2cAzGarSzeFNyBpgkCwKNdRiBYssAQ5VaGxsSS7Rn63Ln96sGfLVycchDECGHOwBwFiDdt5gel12Pqpj6K9PYm7R-gitM99i-hhlu0Q4wZNQwQ5xWI0CSveC0zc_WZrWAc1c5wgaRe5T1RKEExBx6hX29oIq6Nbp8yJVs1tDa7XWIJwDPPgYMEF2qU2nL_R2vuxyd7t4-WKIwXRQPCv172qtjyzhXjxMJ8raAoNiuiCkSI0qMp3S1UdPBbUjaiYcmOrG8SNJi66y5e6Vok8bfzhWpIKDOl4iVZ58R4VP7Vclr_kORAYiSYrv5rdtQpLC6tzFIRlEBQJRomBhUDKnf7wP3JrmKk0tazIJjwjvGAzZjMB5ock15kydurXM4aadJmgcYgJPjyoyJg8-w3bsyaX8uEO7T5Oi4i9V4iqwKczbdoK7C0d32Pup5kqo6v8Zl7qvHKm3jjRVEsUViUwRU77qkfp-qTLE_5_3hG9x0O2Hbs9Ik-XQcmLIAG5QVwDVxPHYU_kId5iT2c41ULEIcjqtkdsEd8rJq1dYPSXrX8LKfkzqewi7Z3ECILYH6N1TyCe5hG1aJ5KpZbS_xdWcJTt201nV99A8Sne5Secyw5tombSTLu1Jw_PZYyc6ei9HoQBU4t3FzIWUgxwrHfvoLDExPOaj9axumsYAT4Q4N8KM7PwmLCXwf2r0KSmMtUpM-kPNzG_7drhf2YG7Lfi8SZDmtiA4iGbluvR9mhU6O0go1zBJg_6hPAH9WAtdAKGOgumo7i4y7GV1aE8kNwVDV6QpfHLqhmhr5-s8zcKbENiJ2ZwWPnTl2wHTsLRHSXuIy5OEh8SUZj21oX_IXBkPjX44wcuQS2NgYXk_aoIEgZWC8gw_Ba3UjiK9Ot0cM5aXEQNzcvr2Zzsv1kOaK7hos2VxWRvVZiPNlQMZfY07cCrp0xa7s8mcFg-wcGzxSjqY6Wa16CcSnEWK8jgbGLMdL56aRCrapNTXNItWGfAC--G_8fdc3H7hwk3IapiW8sk4vHOlPoLUODG8LjF4j2LPHxGvtXNkCi-SWMq3M3b-1EOu1cfIZT7GL6GUybz6qY3YRiHvf71I8VMy0F9TMMMQmzX_RXiAsV8F9rR3A4Z6Bzll8WeZ2Zmj8sc5YQH7VYMSwMifoBDtf9j5maKdjujLqIDSVbmyo-0Gk9MRPtlkTY0UhAhlDIzEuLeweku0qeFw2LtFpmJNfVZjtPwyIkCpa-Rn0tLrRtPFvxZJPTuY8E9k0eyfDjWaiVyK6BAT7viAkr4cqTnAilyWCI2BynwRY_MtnTeKD7kqHgPDpHMOQVmb2yE-tZliGxvX05rm4ZwylIb5DsEk1BeQCYGrlEi1OTlhuzS88rk8Hjd6jFX5nHALG0QryUEJbbeIGFKagEFYUuPPzbsE0k_hleXKz1I16O46QBkGwxYeUZgHDxH7NtXjzMKzcKsg9revo2AiA6EyUd-k3ZWB9-CtcPcv3TQ_eINStV0cCWIVETteRg4kVlkfRBS3IxurjhUTrqdk70G7Icf0SkqieY9HYJxA2nD3Jz2Rfn2z0Rx-ox8I9w_0zmLyg0sBtAq9T9ucessfc-zvy5US1tA_FQK5IbPaHgtRzgR8BvhAxxtshabhNFqpURWfCqwAEZLRF4X2B7hnKvlj42t1ZwCUEkWB6tIlkNZJY47u5yjieyW9QvG-rmf0LJ9Zjej2PY2eEOOty8w4F5urdXKMXcX3jz9bWcdYs-GWy7EgilCxY_SCLHUN5UJanCmdl8eNsIE5o_YfZARm9kN85xQGRWMUiOqMFK_YWsWGBe2_LzWX6RutRQ9U5voxYMQRuOE_ulyc1dnSn_Dd13QYFDfFiHIb06AXU2xoWhuVLmpVtuXBJh_n81&cid=CAASEuRoYlW7AA_tAZJ9kQpA-LrN1Q&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92fe3818b6cbb4d7bfd47d50a490824eccbd4c97ece703f7e7233d24c0ff35bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 094A 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsgR4zoht3f78PRsuU7YUgBO1sYvJ92jII6jkJezEhBiVVa5kB761kkPmFdYLl0-gOaoaFmoooXvENzZZZbzOneXFRL1Po_nbHVTqDYriUHa1UA7o

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 094A 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:49:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 094A 119 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 19:53:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 094A 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:41:52 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 78 KB
45 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a04a74997872a421c0b898e19ff86b61dd12ae48bd1ce0c67420663262f58dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Wed, 17 Nov 2021 18:18:29 GMT
expires: Thu, 17 Nov 2022 18:18:29 GMT
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 46507
age: 264878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2831 0
0 55ms
55ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_Iw4I1KZYZ-oF9aHrATvyZvgBd6P97VmxaWej8MOtqTyjNMHEAEgldSZH2CVgoCAsAegAfCduvIDyAEJqQLHX47EZ-2yPuACAKgDAcgDCKoE3wFP0PRkNApiDW81EJ55jbDW-yE0PXoFYqyR5USoCcJySYVEWFviVdxHFLsmvDlyJor4PHJOB_Ip9ItOzQ1Ec66ASqN5IpC1AnONqbbgGoUBzcOLk_hRI1I-4AlFr6rpgZF7fT1DkmJV-0ZhTpDp7xdiBi1EmcwuAhaBi_4m4f8_64J-QHuSLifubf7OXpTSfeFOYcbpeJ0Gs5LcTukUFaEMRabqidMSgOGJkWMpBHcvbb8tMj7nwPG6bRQce7Ca7uDpAONtp7Z78yYg2lg7jrUavJQ0LgrCLfZ9dXzGPjyzwAS2hdfveOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf44cUNqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQvMAG0ggJCIDhgBAQARgdgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTYzNTcxNTcwMjA4ODE3OTcYnawV&sigh=PzDzK8a3Xuk&uach_m=[UACH]&template_id=419
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2831 19 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:46:25 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2831 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:49:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2831 119 KB
36 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 19:53:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2831 15 KB
6 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:41:52 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 997A 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Nov 2021 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 997A 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:22:06 GMT

GET
H3 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 295380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Wed, 17 Nov 2021 09:50:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 09:50:07 GMT

GET
H3 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 22 KB
22 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

724d29c40fe8fa5abdd7977b3f26efb3734d7621e349cba6fd4836deef24dc85

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 296216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22077
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Wed, 17 Nov 2021 09:36:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 09:36:11 GMT

GET
H3 200 logo_tire-guarantee.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/logo_tire-guarantee.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 426686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2817
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Mon, 15 Nov 2021 21:21:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 21:21:41 GMT

GET
H3 200 signature_mika.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/signature_mika.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9728a846d6b7ae4abae2e9e2c66d5887b90c8a65ca9102d80786fb7a93019b96

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2710
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Wed, 17 Nov 2021 17:55:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 17:55:35 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 58 KB
58 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842f8876714158ed616406a8cf7f13121ea4581dab40d081396f40f673a7857e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 365149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59597
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Tue, 16 Nov 2021 14:27:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 14:27:18 GMT

GET
H3 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 141409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Fri, 19 Nov 2021 04:36:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 04:36:18 GMT

GET
H3 200 logo_3pmsf_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/ Frame 997A 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/logo_3pmsf_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13617030528966971272/nt_w21-DE_300x600_nokian-snowproof-p/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da46754ab097219c68cc82cd9cf943248d15c5fe9c45f2116d28e778cd81f52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 426293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2674
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:55:06 GMT
server: sffe
date: Mon, 15 Nov 2021 21:28:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 21:28:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB20 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Nov 2021 18:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2831 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86bebeae773cd0f3e40bf57a60351dd8f2d3b3b62efae0eb9b205cec436c096e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 997A 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 094A 106 KB
37 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Origin: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 094A 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIrMEow1ZDdYP76vi0oGjI-mVnZ-T7Qahr_wzgW3QopK-ZFADf36qewZ3jvddLUv_fhZuJZmb95vFZC0ht6URdFKbFb3wQo9c1ZHnMc-3kNpU2udP-vw9BsLkUaqsHCwboRthNPZgy7RLRHsyP1cwDPFwETQ&dbm_d=AKAmf-CwKLA_jEjWebLUKYl8NXdKBGGEkIivG5-AGEFtgYSsDsh06EP2ZIc8G596iUivf4Xr6DJke3gvhXV1tXk7XNMdUUebs7OJ2ZdRmMlfMO5RQ8zIjJAF8FtWVXKahoL32F_E3uc2b0tJ98FfC4BcpC-CzErSRPqDOKGCTfUtK62JM7XcwWVIiLP-SpbxAHGn5SBmHq4x1UU2Q-jBoe-NNGLjWpSdG0towz0MWkoK-1mSI02_3XaNyJxwW5fx_1Tf2_wqbKbQUqryUAaBPgDpvHruG2YNn7T-jcKf2VEyMuz67BAZ7fwRlHuKIVsfmxC44E0eHI4PDLIDiP1vlMiUQZ3wzJZymSGS_0IPlQk5ebUHkxbmvXDP9Xk0imwvrq4OqvhhTgPCtO79hQgg2gFnhgS6QhbxyzMKuV-ZXDWI9Qfy-CMG5hcHtBSDnzIqVvkhxrk1tZwwnM7Gct5D-Q3bt4lB4YJ5d3R67XmppOuBRiwVAE5MOABaZyrUsyqV6yg5mp96GqZafzqDVInBe4oAYPaP1ZBrWr88O4mKF2EBtaJH9DBc5IedPiSlQgL-nxnUJrHmTk_tA9OGshYtnLvpjoqJavFz7Jfk8kJiExBhbn4bYucVEKOtZnQyhKjW__xr0alYu5yKufn6I1pG8eLAn-VbzPjGGLZriWbj9HXEFn5YLwQcsgyoG6yfpVHyAMJD0wl_J6alHU3YeTl_QGcHr8SKdu8jVhQhwRF5QAM6STIcF4uL_JRr7875BVeNttVRBpk2H8sC_07FwcBsy013ampA7TQdflGv_spm3SLWzBDy0SxGFW0X2UR5_t7iVUN5F6bReypGOOSy2GuFjbjtIaYix0YVmzLUsP2KlcUM_FqDcS9FUJ9oUHQ0D5sBdhUqu-Sx9ngGL5ojvjOj-BOg-qsTHzCO7_ZfxJNeIyiFx4fnWNlNv2KOXpsYy5xFf4rzsBv-3v7xII6vmlpWnkHyQ_CyraKk-y5P0Ctg41pH6JtHMYakTrdVxlISZiB75oP9vgjk0-Ioz5UScEBUFehUzajetRKGYMXOBMepKLM-oeRC-cAcvcjm0fI4EB6O5qPUbWXBm4o1QZCDXGoElcwBfyvi-YRFaS0J2koFFGj8de1Dkc92AQs7VcFWA5xI0gELT99C-Ri0y7dO_k4p8PUjAMKBcWRa8nMokdO5CLhtF5yonKvIpyI8dDHJUiT2rovwn-CsYNcT2jyxnUSVfdkrOGv49td_pPdfpZNwST4-KhbE5ceJ_YF8BGB-mK3EtQyfydbQ-wmLTa_f5oXf4mcMM4QD6H0-DNeN3WSNZ4T-fhoqOBE3b6aopNlujjO0Uhp_sxKvdFptiEWLdy1T7rH-P8mZqTeGxoDA5e2mG3vBG46BwhAbGVz-9DHCmC5a3tMJEoJjNpua3E8smXPortEXQ8UTb1YJXno24SMyqb_eiXLpEJ8ycAfpH8WNZa5C8hPoj9ljbhbGNyLRWe32EIUimXJoycdpvzq2ff-gM-l0fF8Cf4KbUSyXDsgqDmehub0Ls6uIla7qIE3Na95cA2nJrfWRR5YEvWFs2A4pWH2cAzGarSzeFNyBpgkCwKNdRiBYssAQ5VaGxsSS7Rn63Ln96sGfLVycchDECGHOwBwFiDdt5gel12Pqpj6K9PYm7R-gitM99i-hhlu0Q4wZNQwQ5xWI0CSveC0zc_WZrWAc1c5wgaRe5T1RKEExBx6hX29oIq6Nbp8yJVs1tDa7XWIJwDPPgYMEF2qU2nL_R2vuxyd7t4-WKIwXRQPCv172qtjyzhXjxMJ8raAoNiuiCkSI0qMp3S1UdPBbUjaiYcmOrG8SNJi66y5e6Vok8bfzhWpIKDOl4iVZ58R4VP7Vclr_kORAYiSYrv5rdtQpLC6tzFIRlEBQJRomBhUDKnf7wP3JrmKk0tazIJjwjvGAzZjMB5ock15kydurXM4aadJmgcYgJPjyoyJg8-w3bsyaX8uEO7T5Oi4i9V4iqwKczbdoK7C0d32Pup5kqo6v8Zl7qvHKm3jjRVEsUViUwRU77qkfp-qTLE_5_3hG9x0O2Hbs9Ik-XQcmLIAG5QVwDVxPHYU_kId5iT2c41ULEIcjqtkdsEd8rJq1dYPSXrX8LKfkzqewi7Z3ECILYH6N1TyCe5hG1aJ5KpZbS_xdWcJTt201nV99A8Sne5Secyw5tombSTLu1Jw_PZYyc6ei9HoQBU4t3FzIWUgxwrHfvoLDExPOaj9axumsYAT4Q4N8KM7PwmLCXwf2r0KSmMtUpM-kPNzG_7drhf2YG7Lfi8SZDmtiA4iGbluvR9mhU6O0go1zBJg_6hPAH9WAtdAKGOgumo7i4y7GV1aE8kNwVDV6QpfHLqhmhr5-s8zcKbENiJ2ZwWPnTl2wHTsLRHSXuIy5OEh8SUZj21oX_IXBkPjX44wcuQS2NgYXk_aoIEgZWC8gw_Ba3UjiK9Ot0cM5aXEQNzcvr2Zzsv1kOaK7hos2VxWRvVZiPNlQMZfY07cCrp0xa7s8mcFg-wcGzxSjqY6Wa16CcSnEWK8jgbGLMdL56aRCrapNTXNItWGfAC--G_8fdc3H7hwk3IapiW8sk4vHOlPoLUODG8LjF4j2LPHxGvtXNkCi-SWMq3M3b-1EOu1cfIZT7GL6GUybz6qY3YRiHvf71I8VMy0F9TMMMQmzX_RXiAsV8F9rR3A4Z6Bzll8WeZ2Zmj8sc5YQH7VYMSwMifoBDtf9j5maKdjujLqIDSVbmyo-0Gk9MRPtlkTY0UhAhlDIzEuLeweku0qeFw2LtFpmJNfVZjtPwyIkCpa-Rn0tLrRtPFvxZJPTuY8E9k0eyfDjWaiVyK6BAT7viAkr4cqTnAilyWCI2BynwRY_MtnTeKD7kqHgPDpHMOQVmb2yE-tZliGxvX05rm4ZwylIb5DsEk1BeQCYGrlEi1OTlhuzS88rk8Hjd6jFX5nHALG0QryUEJbbeIGFKagEFYUuPPzbsE0k_hleXKz1I16O46QBkGwxYeUZgHDxH7NtXjzMKzcKsg9revo2AiA6EyUd-k3ZWB9-CtcPcv3TQ_eINStV0cCWIVETteRg4kVlkfRBS3IxurjhUTrqdk70G7Icf0SkqieY9HYJxA2nD3Jz2Rfn2z0Rx-ox8I9w_0zmLyg0sBtAq9T9ucessfc-zvy5US1tA_FQK5IbPaHgtRzgR8BvhAxxtshabhNFqpURWfCqwAEZLRF4X2B7hnKvlj42t1ZwCUEkWB6tIlkNZJY47u5yjieyW9QvG-rmf0LJ9Zjej2PY2eEOOty8w4F5urdXKMXcX3jz9bWcdYs-GWy7EgilCxY_SCLHUN5UJanCmdl8eNsIE5o_YfZARm9kN85xQGRWMUiOqMFK_YWsWGBe2_LzWX6RutRQ9U5voxYMQRuOE_ulyc1dnSn_Dd13QYFDfFiHIb06AXU2xoWhuVLmpVtuXBJh_n81&cid=CAASEuRoYlW7AA_tAZJ9kQpA-LrN1Q&rfl=1%2Chttps%253A%252F%252Fwww.ukr.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:50:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 094A 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 19:51:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

57ms
57ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 19:53:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 19:53:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 19:53:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 094A 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
URL: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
DATA 200
OK truncated
/ Frame 094A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53af5942a92bf4a33307cf41cf28de387ed6410735d19840e52b84003c44b20c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E30B 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 09:35:04 GMT
expires: Sat, 19 Nov 2022 09:35:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 123484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18419831854861205280/ Frame F068 11 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2082902e7062b5fd5c990b3a2bcacd0b0d5882dbefe40143008fc1ee44b9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3323
date: Fri, 19 Nov 2021 22:38:49 GMT
expires: Sat, 19 Nov 2022 22:38:49 GMT
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 094A 0
24 B 68ms
50ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOZLFQ2PAf1CX4Nk23GG6usPz2acQLUYiAcGcdWxX7NNuCXVHVCX5VgzA6oVarmQeaXo4o1mXvluADm6lrGSWdo0XIHeCCaxLsyHJsEJWohkyUgVS06g2TU2ViJSw4LtzhS9YiLei8Z8T14bRXOoYYxseeev-IrCeKMXquw5QLiI3QUuPp5MZPTk8jHmNn9WgBQMnBYdAHb2H0IetHiIRlbrbXNHjoH3rZRKqinQ7lsBBdWXFxSC29Bq2Ixry2kl8WlQeNr-ebdOT8ax4YquMLVBJghpIt659R9CqFeEOAkOzyZJAO_7MJzXg4rpVxPexnrDZP_cwjXO3FoHrhPnglb_BbK16NTMnGGzJxDoCKs-MP0B-yMZ0KsrpgxRy1pqpmUnxf-7FOiJu8KL5OBoce6aqM9eD5HLtUEEvLv51YYaZHPFgsBjwoDVOAYKzFdDh5SXELTn5x93dndII5SCV4ufKxAoAGkBS0gHSjjDGm4r9jxjqQa_NBojy-yFpIjiLjE-R2-6jXqLjP_U5Bp0_W_q1e89hGhp8SbEJeToxsW_3lCkX6WifST0i77AzbomrGYeb-KeEM76mWAAEWHoAFosVmuA0wHyTGHvYHj9pXJtH8FtA5Cn6dT4hnh3pcnId2kVd2kUTcLgrvy3TeUPpn3kGuhKNO26rt14svJehqHTqYJmVbz_fJe2_jQ3rL0LBNP2TwbnB69TpLOwTpe16wCfo3cBklX1SsUnvDJA6yHCg5ATYEdWqMVbWyhkY62rMncFxL-7rn7PWQkFseiizEYMG7TeFNtx8UpQJyv6s3r5YQrda2sPwLUnDmR_H0f9pNOVVsVm8qyZlOqmTUjZRwQ-t0CA9aZ_-Pzc-dIUTRDumbkJNwv8q6U7p2crDAYsymikQvkSRlbaopP3b6OgReR70Is3DwgGqLg5j5c9NQ3iI7-WM1qrcCzm-4oIoeXlGV01ekqJqC6YlSypnVhbDuvWxmawWOgYucD3oXOv6vNzTV7F2ZGC1kdT0BRwWwf8VNABEwwNePgi_7FzA_ySHHSHkV0uqeNehtVrvoZxuS242_ZureNSXCsTX0CnzaDGywaNw_hGkNTgSt3Jy1ThZq2PwIzJK6JNnhd-jN5WjdZvJy3HS-IPjflj3_7h8&sai=AMfl-YQox_9l5sg5vmCd42mHiSqJifyufpy0JlcHt2CiIC6KQnyJa0HWl8SI31PgaifjP4Nl-FkT5_yGt2B6qg2uJY1hHJ9XSGe8w2qIyfSHFmWq4DOF0ViWfoKstT5mAeiVfA4mRdwQTPjB1VmW3RJm3ah8G3VfsA&sig=Cg0ArKJSzFrpQcl_4EM5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=43&cbvp=1&cstd=42&cisv=r20211111.67205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 20 Nov 2021 19:53:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f6867a8b1d5dc6bc7fb0a326f8df81bb57574171ae9afe99907b27f13230ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2110
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401fbde0c0b0074eb6a6d27ac942f2eb3ab12e40f268aa27f018cf153f52bc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11274
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 10 KB
10 KB 9ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aecdfc6cc0c8bec771d350b8c0879782c5460fcb06c82ef6e3e8dca042fc52ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10384
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 15 KB
15 KB 9ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ad24e3f028b0834e96dd461af1e89559a39fc7ec398df71e95ea209db5de152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15294
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4f885b5045d1de22eaf5d0d318f429ae93768a79faf8407e562afcbea54264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2372
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96489bb2b782f37bd6da137d11cc55a930a7aa56cac9b320050319ec87ab16f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1921
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d1e3c4a3a917909aa8234b70de3d3a6cb9461512958fdf6248aff53ba1f0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2318
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 4 KB
4 KB 10ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c34e93503714a75a72323692db6ab457c30d038983d9a1cbcc929a25ba7a3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3674
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c225520a04224d947879dfdb5e6c6b31c1d433a4fc48b4a53ab238e10b19dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 95 B
122 B 11ms
10ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F068 113 KB
38 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Nov 2021 19:53:08 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/18419831854861205280/assets/ Frame F068 2 KB
1 KB 8ms
6ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18419831854861205280/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18419831854861205280/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:09:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:49 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame E30B 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 094A 0
23 B 45ms
45ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOZLFQ2PAf1CX4Nk23GG6usPz2acQLUYiAcGcdWxX7NNuCXVHVCX5VgzA6oVarmQeaXo4o1mXvluADm6lrGSWdo0XIHeCCaxLsyHJsEJWohkyUgVS06g2TU2ViJSw4LtzhS9YiLei8Z8T14bRXOoYYxseeev-IrCeKMXquw5QLiI3QUuPp5MZPTk8jHmNn9WgBQMnBYdAHb2H0IetHiIRlbrbXNHjoH3rZRKqinQ7lsBBdWXFxSC29Bq2Ixry2kl8WlQeNr-ebdOT8ax4YquMLVBJghpIt659R9CqFeEOAkOzyZJAO_7MJzXg4rpVxPexnrDZP_cwjXO3FoHrhPnglb_BbK16NTMnGGzJxDoCKs-MP0B-yMZ0KsrpgxRy1pqpmUnxf-7FOiJu8KL5OBoce6aqM9eD5HLtUEEvLv51YYaZHPFgsBjwoDVOAYKzFdDh5SXELTn5x93dndII5SCV4ufKxAoAGkBS0gHSjjDGm4r9jxjqQa_NBojy-yFpIjiLjE-R2-6jXqLjP_U5Bp0_W_q1e89hGhp8SbEJeToxsW_3lCkX6WifST0i77AzbomrGYeb-KeEM76mWAAEWHoAFosVmuA0wHyTGHvYHj9pXJtH8FtA5Cn6dT4hnh3pcnId2kVd2kUTcLgrvy3TeUPpn3kGuhKNO26rt14svJehqHTqYJmVbz_fJe2_jQ3rL0LBNP2TwbnB69TpLOwTpe16wCfo3cBklX1SsUnvDJA6yHCg5ATYEdWqMVbWyhkY62rMncFxL-7rn7PWQkFseiizEYMG7TeFNtx8UpQJyv6s3r5YQrda2sPwLUnDmR_H0f9pNOVVsVm8qyZlOqmTUjZRwQ-t0CA9aZ_-Pzc-dIUTRDumbkJNwv8q6U7p2crDAYsymikQvkSRlbaopP3b6OgReR70Is3DwgGqLg5j5c9NQ3iI7-WM1qrcCzm-4oIoeXlGV01ekqJqC6YlSypnVhbDuvWxmawWOgYucD3oXOv6vNzTV7F2ZGC1kdT0BRwWwf8VNABEwwNePgi_7FzA_ySHHSHkV0uqeNehtVrvoZxuS242_ZureNSXCsTX0CnzaDGywaNw_hGkNTgSt3Jy1ThZq2PwIzJK6JNnhd-jN5WjdZvJy3HS-IPjflj3_7h8&sai=AMfl-YQox_9l5sg5vmCd42mHiSqJifyufpy0JlcHt2CiIC6KQnyJa0HWl8SI31PgaifjP4Nl-FkT5_yGt2B6qg2uJY1hHJ9XSGe8w2qIyfSHFmWq4DOF0ViWfoKstT5mAeiVfA4mRdwQTPjB1VmW3RJm3ah8G3VfsA&sig=Cg0ArKJSzFrpQcl_4EM5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=114&vt=11&dtpt=71&dett=3&cstd=42&cisv=r20211111.67205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 19:53:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E30B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9ivMI1KZYeDLNsmb9u8PlJuOiAIAAAAAOAHgBAI&bg=!OzilOHzNAAZQLpa_UC47ACkAdvg8WhvpuxdigkbrlTP-a8x137qbi4kLf6oy9zWEFqb0irTItGqZvgIAAABkUgAAAAtoAQcKAKBkllL8XGUZIF6clfYWI_NBnuL7KhrKVJXQ-1Uh56LGW7R2ZTO5L8rE6vfQFZ66N5H0RBGI7KEFW6OAFU60stmtyTE7OAxESLU4dLeWsO9izur3nKDm6pa8LWEaiFsAbbAtS3HBmXk1swg7lG4OIRT48gzKJ6OYOaMq8gui0Cl2ayW-q5HlDNZ08Ido6UOGs4zKyqocN-j4GBZdVuCL2X1_mQLFUvDzEkZ_1L_tFGv298ktuwgJdNqpMeBH5sJjzIHPJNYeDxA0DqIfn_jWVA_YZyAZxXv6A0brC_TaA6Lq_YNW8_OtrMvmgE2L9lgmrmpAhP6EszDWIT5G7cYd4UZ7m8eeOKhr8-lf9lzhJYDn_YfUIPFRzc5cU7JICfBEjWJsgxU3uLEoaZy481KIJL9PQOQUmEtT3n3dNTqW3juEDNZIrZ66-ezmN7J9-UlkCE7yD6a_vtMv0_YIBowUVFJPCTha5G3eqjwj2CCNj1JG3Ivsw9C4pZXCX1z03Kip96DVPDiBCD0HfobsOdvD1Nd_y7tN8F1MrWcjIgPzdbAYyit4KAbKRzEt4xSQ7kIluCInzStvT79Dgbjd0Icr482Z1IwMbxIjf-tbSLjHD4zelViKQQPqYkH-PqLKDdVUDtyYklv3M7EiO58QusWJYFrgqNLogwtb2XHY8zBHCIIGaTvki8PrS7Sk6Dhkp1k9-rBzfdKr74KXEBsR9vufIPc2OZcIIp6voqVQ8hQY9YPsg39-f3SuRceJk-PMBsrMSq8BoYPTXTUdRQSrGRFUPwhVSqQqgUil-TTqV4C0g3HMmg6IOopJyvCK_V5ftW9Ur1e_4PnyqVK9Xgm339jgdrVQApmj6jh95uH-EuLDJ2sT0ZdJ69s4eJdO3oNJi-rwF095pfHkq-LrOQa-nZLcK8BQjgIcGphic6rtjvvDmohjV4NefSYUe3h_gVC1Hgdyjb0KRFJ4QLUH1LSQfDO6_ejBFdlvlF3GSWxMwEGpZpzaQpejZU0fFClfJlhCdcbLNLqAF1yPxpsEX6IRx0AzPYkb8TP0h9wNhyQy8wesJw2D7m2a-NCG5tH61KZNUyFEirXEGQkP8MQDXT8qDEKdYtjg0tPms2pe23fCVX1E54T8hgYxanc-tOG8tybjqcqcVfBkjoJrJNbGaQ

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 19:53:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
202 B 72ms
72ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 20 Nov 2021 19:53:07 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H2 200 v4_300016_4947.json Show response
player.adtelligent.com/prebidlink/2729063/ 42 KB
5 KB 6ms
6ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/2729063/v4_300016_4947.json?cb=www.ukr.net
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454843/wrapper_hb_300016_4947.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e4476f605f9378c50d6626b99ee4229470f6b61cc961cf1ebd78b0d2ef1c3273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 19:53:08 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:56:43 GMT
server: nginx
etag: W/"619782eb-a8af"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
expires: Sat, 20 Nov 2021 20:53:08 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 70ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.ukr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.ukr.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1606
date: Sat, 20 Nov 2021 19:53:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ukr.net%2F&domain=www.ukr.net&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=8MZ7pXwweklSdEhmSTNTc0VyQ3YyUmVrZStqL2FaMmZPa3ZEQTdYaERzRFQ1MVAwMWl1OUNFUm9SZnVRU3pMbWRVWE94M2hJQmMxVnlFaG9kQkc0RTljSkthSm1nWmxkbmRHUzYvQzIrL21DR0RLSklyaDZGVUMyc1ZSaV...

324 B
588 B

46ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8MZ7pXwweklSdEhmSTNTc0VyQ3YyUmVrZStqL2FaMmZPa3ZEQTdYaERzRFQ1MVAwMWl1OUNFUm9SZnVRU3pMbWRVWE94M2hJQmMxVnlFaG9kQkc0RTljSkthSm1nWmxkbmRHUzYvQzIrL21DR0RLSklyaDZGVUMyc1ZSaVYyVHFaVGE5clNiL28za1YwL0dIUlZRMytSTzF1VHd0czU1UHAzYzM0eDR1NFdtNDZZdHlhU011UUZyUTFMUnY2UDlEVEZOd1BNS2NGVEpXY2UwVlk2RFZxMXNmaE9QbFdJcDFGNU8yc3d1cjNVYnNpQ25JPXw&cppv=2

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1a525a460dbcd9ac38e737298a5db4b421ad90d1f59c6d990fdb32ed821fc36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 20 Nov 2021 19:53:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2725
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 20 Nov 2021 19:53:10 GMT
location: https://mug.criteo.com/sid?cpp=8MZ7pXwweklSdEhmSTNTc0VyQ3YyUmVrZStqL2FaMmZPa3ZEQTdYaERzRFQ1MVAwMWl1OUNFUm9SZnVRU3pMbWRVWE94M2hJQmMxVnlFaG9kQkc0RTljSkthSm1nWmxkbmRHUzYvQzIrL21DR0RLSklyaDZGVUMyc1ZSaVYyVHFaVGE5clNiL28za1YwL0dIUlZRMytSTzF1VHd0czU1UHAzYzM0eDR1NFdtNDZZdHlhU011UUZyUTFMUnY2UDlEVEZOd1BNS2NGVEpXY2UwVlk2RFZxMXNmaE9QbFdJcDFGNU8yc3d1cjNVYnNpQ25JPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2009
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
529 B 38ms
8ms XHR
application/json 54.36.109.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454843/hb_300016_4947.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.156 , France, ASN16276 (OVH, FR),

Reverse DNS

p07.id5-sync.com

Software

Resource Hash

48eefac84e7f35097f2fcda45949a7b59a332042727e21f9e7961008bfc507e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ukr.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Sat, 20 Nov 2021 19:53:09 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 59ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1131
date: Sat, 20 Nov 2021 19:53:09 GMT
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/prebid.1.2.aspx

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5ac6b46-4480-4e24-b9a0-135118eef41f

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

308 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 07:36:13	Name: uid Value: Cj1tBGGZUiF+zyShCxEOAg==
.ukr.net/	1970-01-20 07:36:13	Name: un_lang Value: ua
.ukr.net/	1970-01-20 07:36:13	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 07:36:13	Name: snr Value: 9
.ukr.net/	1970-01-20 07:36:13	Name: scr Value: 9
.ukr.net/	1970-01-20 07:36:13	Name: sfr Value: 9
.ukr.net/	1970-01-20 16:21:49	Name: _ga Value: GA1.2.1596947696.1637437986
.ukr.net/	1970-01-19 22:52:04	Name: _gid Value: GA1.2.1744660772.1637437986
servicer.mgid.com/	1970-01-19 22:50:38	Name: __mglb Value: 2b804be0d04e992ad0d5ca78c8f32d46
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lak5dJhk4WRb
.mgid.com/	1970-01-19 22:50:39	Name: __cf_bm Value: g9716qe7yTqYxizjtINfCV9z2MKk1TJGfn88su8l7fM-1637437985-0-AfC8flP98+xLctpkFqPJN1I5EPJ7TIV4+CutojnRe+Ftdivbk6AqU5/+D9fnE0TshutEoCig4G4DWK1kA+dzF+s=
.go.rcvlink.com/	1970-01-23 14:30:13	Name: cache Value: t5ra6tXavmn-2Bs
accounts.ukr.net/	1970-01-20 16:21:49	Name: clapid Value: NrnxTAAAAAAipMcgFBa6MSeLTCUnLXvPXmM93Cc104QLqPfHhpctjQ:V0dupwj1B6uURyOQcd3wHYAsIG4fh5OyVfIyXpLcIqs
.ukr.net/	1970-01-20 07:36:13	Name: pcity Value: 102950159
.ukr.net/	1970-01-20 07:36:13	Name: tracknew Value: 1637437985678427.1637437985.1
m.mixadvert.com/	1970-01-19 22:52:04	Name: 3b49593122309e53e5d9a362a0308c14 Value: 1
.ukr.net/	1970-01-19 22:50:38	Name: _gat_gtag_UA_5903420_1 Value: 1
www.ukr.net/	1970-01-20 05:35:37	Name: cbtYmKname Value: 9821c8cc1df699c2
loadercdn.net/	1970-01-23 14:26:37	Name: vui Value: 59ffd455d9a44689b6935033395d4757
.adtelligent.com/	1970-01-20 01:04:33	Name: vmuid Value: e20ed188a3cb636d
www.ukr.net/	1970-01-19 23:33:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.ukr.net/	1970-01-20 07:36:13	Name: _pubcid Value: 12cf7269-8766-4636-95ad-dfb4ebbb7fb7
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.openx.net/	1970-01-20 07:36:13	Name: i Value: 12cf7269-8766-4636-95ad-dfb4ebbb7fb7\|1637437986
.admixer.net/	1970-01-20 16:21:49	Name: am-uid Value: 82097c9f457845f5b6c78dfb53dc11e7
.360yield.com/	1970-01-20 01:00:13	Name: tuuid_lu Value: 1637437986
.360yield.com/	1970-01-20 01:00:13	Name: tuuid Value: 77d9fd37-a948-4e9d-9e99-89ecd8c3778a
.trafmag.com/	1970-01-20 16:21:49	Name: vid Value: 1988161125683369
.trafmag.com/	1970-01-19 22:50:38	Name: viewposter Value: 324
.doubleclick.net/	1970-01-20 08:12:13	Name: IDE Value: AHWqTUnz0GgC_c63bSNZTtzEXkAXfQMnNrAOun_X_71NAHVTVJqURhYj5rvO4wbzFZU
.betweendigital.com/	1970-01-20 07:36:13	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:36:13	Name: tuuid Value: 9078ec4c-5c74-5344-93c7-5520f25e0702
.betweendigital.com/	1970-01-20 07:36:13	Name: ut Value: YZlSIgAFIIBK4_ewMW2_ufwxG22UCKSzdj1CVQ==
.betweendigital.com/	1970-01-20 07:36:13	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:36:13	Name: unm Value: 1
.adnxs.com/	1970-01-20 01:00:13	Name: icu Value: ChgIq9pcEAoYASABKAEwoqTljAY4AUABSAEQoqTljAYYAA..
.adnxs.com/	1970-01-20 01:00:13	Name: uuid2 Value: 6570714526844581293
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:36:13	Name: khaos Value: KW88ASGJ-Q-M5UE
.rubiconproject.com/	1970-01-20 07:36:13	Name: audit Value: 1\|mFVHqHkj5bE97J1awDgUOuMH05QULE/jV/G9Z/GRzTxqjK1sECNPHz4CcVbdARVXGCsj+bAlckpN+011ZXQEx0ZjA/ErGVhBsqlSNZOaaDQ=
.ukr.net/	1970-01-20 08:12:13	Name: __gads Value: ID=c351823fcdd82266:T=1637437985:S=ALNI_MaQXQUWdIigW6QKAKSNbdT00NSs2A
.doubleclick.net/	1970-01-19 22:50:41	Name: DSID Value: NO_DATA
www.ukr.net/	1970-01-20 08:12:13	Name: cto_bundle Value: z0HXMl9DJTJCWWc2eWxwajgwUzdzOGV4WmZPVENFRkclMkZrc0hpb1FJZjdJaUNjMVl5UWRVVU8yejFxb0FGVmRYYVN4bm1qam4xaWljc0hEZExncnFDaVQzeDlidSUyRlllVG41Z3dqVHpINGdPSkxNQTJVdyUzRA
www.ukr.net/	1970-01-20 08:12:13	Name: cto_bidid Value: jxwHMV9qbzFrciUyRjl2WHFDcXVTVTAzSW95dCUyRmdEcUw5TDRhJTJGMUM5cUN5NUwwdG1RYkMyVE1rOU5ram5DcWRqOUZMeXQyd3ZHUVFERDBnOUdHY2wxMW0xdkVXZyUzRCUzRA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d2687fcf7602e5960447cb9b90dedfc.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.ukr.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
adx.adform.net
afl.rozetka.com.ua
ap.lijit.com
api.phoenix-widget.com
bidder.criteo.com
counter.ukr.net
cs01.trafmag.com
dm.hybrid.ai
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
inv-nets.admixer.net
kinoafisha.ua
loadercdn.net
m.mixadvert.com
mail.ukr.net
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
recreativ.ru
s.znctrack.net
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
servicer.mgid.com
st11.rcvlink.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
tpc.googlesyndication.com
trafmag.com
upst.fwdcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
inv-nets.admixer.net
sync.adtelligent.com
104.19.136.78
136.243.84.74
142.250.185.162
142.250.186.98
146.0.227.109
147.135.189.55
147.75.38.124
178.128.142.14
178.250.0.157
178.250.0.165
184.31.84.150
185.184.8.65
185.187.81.40
185.187.81.41
185.33.220.145
185.64.189.112
193.200.64.15
193.200.65.2
195.191.235.70
195.214.195.100
212.42.75.249
212.42.75.253
212.42.76.151
212.42.76.247
212.42.76.248
212.42.76.253
212.42.83.135
213.174.135.1
2602:803:c002:200::42
2606:4700:20::ac43:4bf1
2606:4700:3037::6815:3471
2606:4700::6812:272
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2006
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
2a0c:5c81:5142::2
34.98.64.218
37.157.4.28
37.18.16.23
5.178.65.245
52.31.83.126
54.36.109.156
72.251.249.9
77.120.100.148
96.46.186.57
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
021c33bcfa8fe7e8f01ba82b95b913b209dd57a8c0b42e70113875c12a85e7c9
039d1b6f6379d9719815d2a548fc30f0757df8e43cea830533a4e1df7e7f979a
08c710785c0fc7fd737fb444365a25b2f227f2231507b9754df2b08012e33372
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bf33c088ce90f6ff1b0b24318b84f2a1f93a13a99e0e9639d8ae2b39bde99c6
1134dc30eb340c908a5cb6c95f5bd1b029fec03fe1bed065ae8aaca3c2e2bafe
1242a979872e690527b17d130c90293d186fd9c6fa063e8480d49d52d0678170
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148b065affd027985c2d0b09b920cfdfd9383b5e58a875821bc75ffaccde4a22
14b6e5af3d417a68ef517da9b376b77cb4e936a389bf6ba12d09c5062a7ddc10
17d1e3c4a3a917909aa8234b70de3d3a6cb9461512958fdf6248aff53ba1f0b7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a525a460dbcd9ac38e737298a5db4b421ad90d1f59c6d990fdb32ed821fc36d
1aec2bdc267370ccba729825eb4699cba852cb311f4469dfaa209683c7e48e39
1b218e99044d29a446983918d506c6ea48a6596480c9eb19cff223588c11750e
1da46754ab097219c68cc82cd9cf943248d15c5fe9c45f2116d28e778cd81f52
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
21de81cf1fd4be25ce7e8ba0d6474794da296c77f5c51500d496963579052184
2347dfaae7a4e2375aac32c9b282f1f3e322ccf858cf9f07d882ae1808c90cfd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2b4f885b5045d1de22eaf5d0d318f429ae93768a79faf8407e562afcbea54264
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
33117e1c8a0ff90b497cd908e822acc861b8b9225fcf9b77265c219774de44bf
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
370094dd362c0f4c65917bb30003120adeb022011ba5177f257f254d4523d1cd
385cbb49555e22cb38eb44e56d74fdf7d3682b3c378111f323820d321e05db99
391acc74ff31aa01e35abf4f5b8ba4dca16c9970d989e7722dbbf76e3157243d
39306f88ed7f6c18f5c6e4b8a98fd39155240d7e29217aa50c44e712443e7b79
3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3e2f6d66fc8184eab2273a36be6c3171afa275c8ba432b8f0cb56a7cff51ec13
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
401fbde0c0b0074eb6a6d27ac942f2eb3ab12e40f268aa27f018cf153f52bc8d
4195e49f636ab9bfad5eb08bfe3b911e68603e9f9a7fcf23b62fcdf743e22160
4278934221c3880f09cccf46170071ab43fe6ecf37c60b6a87a0f4b6d2a315b1
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48eefac84e7f35097f2fcda45949a7b59a332042727e21f9e7961008bfc507e1
4a04a74997872a421c0b898e19ff86b61dd12ae48bd1ce0c67420663262f58dc
4ad24e3f028b0834e96dd461af1e89559a39fc7ec398df71e95ea209db5de152
4c225520a04224d947879dfdb5e6c6b31c1d433a4fc48b4a53ab238e10b19dc3
4d5f5533bd90ab0d5574bf73a222361c8470b1b331611a237277a5e4aa23ca78
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbd98e7fa537367ac7ae091808961ccbe8d204e6eb2fb3cf57dba2d8925bef3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51bda33e8edc0c3b515853c9b0939249ce80a7e2ad65ce4833150cd2e015c810
52141f02f851bd66188b313a1250408d6331fbcb0f8a716cdc3f0779349e7ea0
5220ed1b43708410befd8d6764e49ea6a82d93e7ce1d2a32e18636187a6c0986
524e98a2efc931b6ab54169e186c838abf02049b5c21546d84d2b2648ba3669c
528cda079b4743d154dba29ca5608946877e132a95c35602cfcc307b2f5303c5
53af5942a92bf4a33307cf41cf28de387ed6410735d19840e52b84003c44b20c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
565ad4275290dffb6d5cd4c4bd1e9c0e1b70b5a256c731452fec2f09d319d95e
56751dc1a79890181a29af4d4326c58d2c2fbdd9b2648b19d49ba7da79978091
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
5794aefed580dd6622e2feb9bdf83509c6263b7aac3fd30679534d438106aee4
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
59dce15dbd4a9d579b4e9cae2cefc03c018304dec96e42cd6469abb7ffd69885
5a320720db022ef2a499e70515b8c2df3d40cb4b6a8d8147cb091541fc3b7fdc
5a464a4a1f7a108a68ea152f51683acfe20d2fda7e3feab113e5eef7b5dbfaba
5b3b67fd4c3c4b56338b43907403a075e5c8aef5a17d0d7332884eedafcbc813
5c34e93503714a75a72323692db6ab457c30d038983d9a1cbcc929a25ba7a3c6
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
6192d1726825bfa203787c968d0f3346001929188e501cf3941cb9862bc779d8
61a72745329c527321eeded6f19a3131453beab613ff8c3b90976c466fb5ce87
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62f25591390dd0d01f7c985879804345bf0e2da10c6c2cae3ae04501f50e7efd
65391ebf77902abbd52f4e384e47c65aaa1a5aed00a419209f86dce9fb31ef57
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
669e2dd74451cc42dcb8d806c3661b8dc9f118816ed6b2656153fdd0ed27539d
66a70a9ed513d19411becef72c0656c16685d4ea4a19c92ef466ddb9abeb1607
6aed47437a101465d2d2ed9259fd3b54de0c151be4212da6f891401c32a60e23
6b207188048ecdd3dd6670161683b537d5ffdad73ca1ba8c55a0ab0f3585209e
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
70d6893d5b22ddac5a2cf6d3c5e368c2d5729bc391c837bfa4743463605a6fac
724d29c40fe8fa5abdd7977b3f26efb3734d7621e349cba6fd4836deef24dc85
72dda00b0d06e644bb6228928e087c8a996e8fb6de480d100e636104f2c496c3
74efd3bd783ca864604e4a4930745d4bb989f6b693904cc2f853cf51555fad6e
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
78a950d5468e108a83fd66bc5394400365b46f9645c742b24133c53100f558be
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7955064620c7cca738c4932182e628b437833059a312ac58b8960bdbb4e9f154
796e34ba233f33fc419a5f4281710a806dd0692a33d3f33ca58861b4a00193fa
7aca48eed950fa3497f925c7e6c8f8840017903add24206b0cfce183314d96c0
7adfce23598bd3009ef272c2b7cacf4610246ce5b091e8591e713fd5d1625d8f
7bfefe36da5d18dcd93d65bd24cc4e5fc186980ab5bce87c3e5c87cb34c07e8f
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
8240e41b521ae8868075194126f9fd9be1ee2ed8108eccb18095e1ccfc9b6bc3
842f8876714158ed616406a8cf7f13121ea4581dab40d081396f40f673a7857e
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bebeae773cd0f3e40bf57a60351dd8f2d3b3b62efae0eb9b205cec436c096e
879fb3218358aef9d38909e776c6a72d0d4ff5ccc2313cdd1cdabe169bc9e69d
87e776fa630daf9132dfaf2526047622ab91c4b426d5e7c4291f9257c497910b
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
89d3fabda8cfcdf4aa817a91ab36f5a11acf361de28062243508ae86fdae8b71
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
90274de354a49efa34b246ff3e3d8e2b6f264ed28ed5d83263a5e161975e4ddb
92fe3818b6cbb4d7bfd47d50a490824eccbd4c97ece703f7e7233d24c0ff35bc
957b1aee7b2b49823cd932513d279b403fab046be56bc182a9d40ea53eebd570
96489bb2b782f37bd6da137d11cc55a930a7aa56cac9b320050319ec87ab16f3
9728a846d6b7ae4abae2e9e2c66d5887b90c8a65ca9102d80786fb7a93019b96
98b575445e59703084c661c7665c32e4c02eb6955733ab2f342b407436ef57b5
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9f5a93301e59cfddbb7aa92dce5459a904fcee359cee64c32d4bad6096b248a3
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
a14a79aca7dced1b1571512cb7a2795eaa1ebd378ba70772da3a44a3b0fa06a1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae2082902e7062b5fd5c990b3a2bcacd0b0d5882dbefe40143008fc1ee44b9ee
ae8b0cd07f0ad0bd016c9e04689d9a28421969203fc7383d3c0890f04eed549d
aecdfc6cc0c8bec771d350b8c0879782c5460fcb06c82ef6e3e8dca042fc52ad
b344a62366e5134fbf966b9da770aebf3fd437d8b94cb58419a725f017194caa
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b58242a5bf709aaf04fb15794620becb6f667a6dd453fdebc4ade97d351f8f74
b748f53b4be6bcc03940de8de7cc091af51c4fddcc41d161244d7c38f82d8f40
b896fdc771727083305800c00bd079fbe01a7ec4a49bbcd0fe05fe5a349f14b7
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
bdd7dc76bbaab8db1dd3b2291a9b1b52b1891f1f427984f3ac3c43c85a5044f3
c21cf338228f8bc7e18aaf002b11135b4890dbaa17578e56cfca18271e4ab288
c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282
c6e062ccfb4e7bf2e4020e000a457da3cee98015550fb029221d9797d9e19858
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9bf666f7c04b8aa9aa78e82d97f1468669f057d8e6be3aa82ce8de87c474d58
c9f6867a8b1d5dc6bc7fb0a326f8df81bb57574171ae9afe99907b27f13230ef
cb682e06c3bbcb8ae56688fe7e05282dede4fdefb3ac4099ed78fb6f1970cc4a
cf24d72a5dda3ef3b04cf60dd03860f950335c0fa07b6951121fcd059785522b
cf4f8ce4e9d310e448f37a9868c601fe20a9a8b2bf098bce26c59881f92c5a08
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d4792f6e3d8b7c64f23b2f0390f07f2bff9f96738c0d68187628f2c34dba842d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
db912bb5416865f9a07ab8fd37b75be0fc6791bba88450c403eb017e3b914fbe
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de624a0a9b0ce2f2a5a44c44f80210ed7c42095f089a6109d0b29d6eecc2b074
df44a281af23e9b94b2e579f960ecf705acb9fc743a04a81e3e555442d143465
e0bfc1f6c4b967dd2df9ee10f45148d0badaeeb4bdb3187ca895a74522afd1fa
e27110c6c420711e455f4cd6ef5ad7e1a226e04af67435b67270b88b348122b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e4476f605f9378c50d6626b99ee4229470f6b61cc961cf1ebd78b0d2ef1c3273
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb26611a993b92c1dd1ed7b7da8961a9e52fe5db192badd43b5163e99ca33a2c
ebc88a92e77c52800b5668fb88f41535919f5323bdccf51d17b8e364d3311170
ecccabbb163104536df7142673361d9627fc907e5bab3ef081d75cc1ddc7f41e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d137c58b9238f3a6d5078c64cc5f5a7422a729f81bad9482df8a46e473b02a
f4e9c68d97ffc00830443ddf06e1f2cfda681916fb6e60c5fa0554349a575e19
f53fd5f6c65409a7668fd99a516201a1caf6fbb4a4f846ca909c3187ad21e307
f5d53014b5a05801d3e4229cd877403c2271f942bdccc53ac86a6fbcc850db59
f740d439372834e01001cee32453acfa98ec4202a370649a36b4d17ce18c0232
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fb8c0eb6d06b539f1c18c6e77ee6a674bf5b9ec8ac878dc5b031575db9a8b5db

www.ukr.net Open in urlscan Pro 212.42.76.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

250 Requests

98 %HTTPS

41 %IPv6

44 Domains

67 Subdomains

63 IPs

12 Countries

2515 kBTransfer

6608 kBSize

44 Cookies

331 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ukr.net Open in urlscan Pro
212.42.76.253 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

98 %
HTTPS

41 %
IPv6

44
Domains

67
Subdomains

63
IPs

12
Countries

2515 kB
Transfer

6608 kB
Size

44
Cookies

250 HTTP transactions
9 data transactions