rivnepost.rv.ua Open in urlscan Pro
168.119.135.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rivnepost.rv.ua/
Submission: On January 05 via api (January 5th 2023, 6:10:38 am UTC) from TR — Scanned from DE

Summary HTTP 446 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 65 IPs in 13 countries across 61 domains to perform 446 HTTP transactions. The main IP is 168.119.135.247, located in Germany and belongs to HETZNER-AS, DE. The main domain is rivnepost.rv.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 15th 2022. Valid for: a year.

This is the only time rivnepost.rv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
67	168.119.135.247 168.119.135.247	24940 (HETZNER-AS) (HETZNER-AS)
35	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	149.5.244.20 149.5.244.20	174 (COGENT-174) (COGENT-174)
2 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.51.214.106 52.51.214.106	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
42	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 37	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:a714:430:b1b4:42a7	16509 (AMAZON-02) (AMAZON-02)
4 4	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4 6	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.159.17.250 18.159.17.250	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.34.117 3.126.34.117	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:211... 2600:9000:211e:1600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.251.89.118 34.251.89.118	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:214... 2600:9000:214f:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	172.217.19.102 172.217.19.102	15169 (GOOGLE) (GOOGLE)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:137c:669c:dd97:7e28	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
15	18.168.49.234 18.168.49.234	16509 (AMAZON-02) (AMAZON-02)
3	18.66.15.100 18.66.15.100	16509 (AMAZON-02) (AMAZON-02)
3	18.66.15.61 18.66.15.61	16509 (AMAZON-02) (AMAZON-02)
18	35.179.46.115 35.179.46.115	16509 (AMAZON-02) (AMAZON-02)
446	65

67 168.119.135.247 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: rivnepost.panel2.dev

rivnepost.rv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.20 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.214.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.201.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:a714:430:b1b4:42a7 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.169 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.38.120.206 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.250 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-17-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.34.117 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-34-117.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.89.118 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-89-118.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.19.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f102.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

www.ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:137c:669c:dd97:7e28 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.168.49.234 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.15.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-100.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.15.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-61.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.179.46.115 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	581 KB
69	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 801257	207 KB
67	rivnepost.rv.ua rivnepost.rv.ua	2 MB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28784 ad4m.at — Cisco Umbrella Rank: 9270 assets.ad4m.at — Cisco Umbrella Rank: 40645	3 MB
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 743 pix.eu.criteo.net — Cisco Umbrella Rank: 5392 csm.eu.criteo.net — Cisco Umbrella Rank: 5670	395 KB
21	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 16387 api.webgains.io — Cisco Umbrella Rank: 45230	95 KB
15	webgains.com track.webgains.com — Cisco Umbrella Rank: 38402	172 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	137 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 142	2 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 362	252 KB
10	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 972 static.adsafeprotected.com — Cisco Umbrella Rank: 867 dt.adsafeprotected.com — Cisco Umbrella Rank: 792	99 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	472 KB
7	fwdcdn.com sinst.fwdcdn.com — Cisco Umbrella Rank: 170378	39 KB
6	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	2 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393 static-de.ad4mat.net — Cisco Umbrella Rank: 155945	11 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11057 ads.eu.criteo.com — Cisco Umbrella Rank: 5530 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7363 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9945	91 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 1851	4 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33053 hal90005.redintelligence.net — Cisco Umbrella Rank: 323340	11 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 318 secure.adnxs.com — Cisco Umbrella Rank: 670	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690	4 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 5630 pixel.mathtag.com — Cisco Umbrella Rank: 1380 sync.mathtag.com — Cisco Umbrella Rank: 679	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 6509	1 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723 ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	265 B
4	google.de www.google.de — Cisco Umbrella Rank: 3658 adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	200 KB
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 113835 i.bigmir.net — Cisco Umbrella Rank: 202250	1 KB
3	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 48721	8 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1172	3 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1004	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	131 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 497	963 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 791	2 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 52562	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 3443	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1147 r.turn.com — Cisco Umbrella Rank: 4328	869 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3351	787 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 996	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 866	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1178 s.tribalfusion.com — Cisco Umbrella Rank: 2747	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	10 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 16031	861 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675	576 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5103	104 B
1	ad-server.eu www.ad-server.eu — Cisco Umbrella Rank: 263587	82 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 51980	628 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3008	174 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 963	191 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10876	60 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	447 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085	75 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2379	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	717 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	545 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	701 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	84 KB
1	sinoptik.ua sinoptik.ua — Cisco Umbrella Rank: 71330	879 B
0	yandex.ua Failed mc.yandex.ua Failed
446	61

	Domain	Requested by
67	rivnepost.rv.ua	rivnepost.rv.ua
37	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
35	tpc.googlesyndication.com	googleads.g.doubleclick.net rivnepost.rv.ua tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
35	pagead2.googlesyndication.com	rivnepost.rv.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com tpc.googlesyndication.com s0.2mdn.net
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net rivnepost.rv.ua
18	api.webgains.io	analytics.webgains.io
18	assets.ad4m.at	as.ad4m.at
16	static.criteo.net	ads.eu.criteo.com
15	track.webgains.com	as.ad4m.at track.webgains.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	www.gstatic.com	googleads.g.doubleclick.net
11	s0.2mdn.net	rivnepost.rv.ua s0.2mdn.net
10	pix.eu.criteo.net	ads.eu.criteo.com
10	www.googletagservices.com	googleads.g.doubleclick.net
10	www.google.com	2 redirects rivnepost.rv.ua googleads.g.doubleclick.net tpc.googlesyndication.com
7	sinst.fwdcdn.com	sinoptik.ua sinst.fwdcdn.com
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	onetag-sys.com	4 redirects googleads.g.doubleclick.net
6	mc.yandex.ru	3 redirects rivnepost.rv.ua
5	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
5	csm.eu.criteo.net	ads.eu.criteo.com
4	hal90005.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90005.redintelligence.net
4	d5p.de17a.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.facebook.com	rivnepost.rv.ua
4	connect.facebook.net	rivnepost.rv.ua connect.facebook.net
3	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
3	analytics.webgains.io	track.webgains.com
3	static-de.ad4mat.net	as.ad4m.at
3	pm.w55c.net	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	prod-rtb.ad4mat.net	rivnepost.rv.ua
3	adservice.google.com	pagead2.googlesyndication.com 8019191.fls.doubleclick.net
3	i.bigmir.net	rivnepost.rv.ua
3	www.google-analytics.com	rivnepost.rv.ua www.google-analytics.com
3	www.googletagmanager.com	rivnepost.rv.ua www.googletagmanager.com
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	8019191.fls.doubleclick.net	1 redirects rivnepost.rv.ua
2	pv.medialead.de	2 redirects
2	e.dlx.addthis.com	2 redirects
2	googleads4.g.doubleclick.net	rivnepost.rv.ua
2	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	match.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pixel.adsafeprotected.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google.de	rivnepost.rv.ua
2	mc.webvisor.org	1 redirects rivnepost.rv.ua
2	stats.g.doubleclick.net	www.google-analytics.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.ad-server.eu	hal90005.redintelligence.net
1	pb.media01.eu	hal90005.redintelligence.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	m.exactag.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	rivnepost.rv.ua
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	rtb.nl.eu.criteo.com	rivnepost.rv.ua
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	rivnepost.rv.ua
1	cdn.jsdelivr.net	rivnepost.rv.ua
1	sinoptik.ua	rivnepost.rv.ua
0	mc.yandex.ua Failed	rivnepost.rv.ua
446	89

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
twitter.com
www.youtube.com
t.me
viber.com
restauto.com.ua
mobileplanet.ua
vodarivne.com
www.ez.rv.ua
happy.rv.ua
rv.uar.net
ua.sinoptik.ua
www.bigmir.net

Subject Issuer	Validity	Valid
rivnepost.rv.ua Sectigo RSA Domain Validation Secure Server CA	`2022-09-15` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
c.bigmir.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
img.com.ua R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://rivnepost.rv.ua/
Frame ID: 360A8EA4F10335AF2A54532F0F835A77
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: EAA20A70D16C0B6CF1364C804508FAC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&adk=1812271804&adf=3025194257&lmt=1672899028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Frivnepost.rv.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027841&bpp=11&bdt=486&idt=334&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5417183431727&frm=20&pv=2&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359
Frame ID: 5C46F566E209B558264DC989ED459D98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=280&adk=3105171064&adf=270333701&pi=t.aa~a.3789576887~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1672899028&rafmt=1&to=qs&pwprc=1092727598&format=1000x280&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027852&bpp=3&bdt=497&idt=353&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddrACp4p4u&p=https%3A//rivnepost.rv.ua&dtd=356
Frame ID: 76A1D250324E310242A69ADE6E3DB9A5
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 048583FC8277652A490109DEBB95D054
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAEpeAIu-KCAACV2Slqeu7Rpyo-YRPVxQ&u=%7CxJlgnc66FlmITDP58d%2FjkJVBDJIl12i7Oxs56joKc3s%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcz9--kQqKO-RFHDoku9qmqKQqEP_d1As5CtMTN0vPYZlXEE2mjHDFqNSCBr7XSW09lfDrWYH2mpa9e71_fmgarao6OYYsNHWUVr0c5I7O5Xn9fc7f1qUKP_GmcwEZEjMacVsBzAy6Keqzq6Mu8PA_NxCZcs7msPnnihrUmBqkZdzIRHpDCMtPHqkKX_RhQGeNkcMOXEYoexp_d5QwoYdSonqcfLOCjpuUcBdW_UBYyI7rARwfaEQYXGe4Hd2mgL7akBRmr-VXgAEZSPy0khJYZtYJHSTs0xyFn109YBotD_SW_lJozMws5iUNttIvvQ8uAHkw-fP2c60jYcpNkBgVVkzH9dOACdrCezwlpSL4O2Uq8waZe64K5zAnL1TBj_tTa0_POrkqA05YjUEM-72IbOSAf9nZ50FL4Bmg1fwaU8MV4K3TRtbJWIxyuXLs4AaZuH9e610XntlaHAV9iy28XZpOsIM6lUKEeCpdpufoRpWDa6jIeQRHxDDTfMYmtEEF5b-Z9sXDewRg1eBdYuNaAKS-NJHvMHp0yTI2pmWjGjT4krzRNYwWDTdDRvPrk2nA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLA7j1Gm2Y-DLEoLF7_UP2auCuA3JntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTjAU_QdoBGLMSqZYA9cxKG2bya11O1idQf8bO7vwpms3l9ZMql_XjodY-xPuF0jflACcBcmI5b0gqGqxQQ531NAXXpQp7ZkC8vfb4_S8BdCORW5C0I5c26J3YRPjuDqPP7J22pokgcL2emKaqu4APQKmZhx2eDycgZebeMa3cktLRfUOQMdoyWZnQEzaAc5lXbP0rIz3ACt5u6BAJ58OvMeeLfZ5jLdoJj6QHKGlvl2RRBR2PqMqPZqs_79li3haLH4r93M7p00N6hWZ06XCUNBkVBoy0_gl2iKeCoDuOEMLrkcP9GgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1i5HdYSstE39FPuXQCu9SIZMZ2Lg%26client%3Dca-pub-2108338005955045%26adurl%3D
Frame ID: FEF259D75630D1749C1004DE3F4B6EFB
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Frame ID: 7D7EA05F4480379CE43C6A914B283F4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51
Frame ID: A8CD21099A4A4FE00AF1052DDAC3C214
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
Frame ID: 08AABB2AA885A8D0FEB51EAE01E27839
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60
Frame ID: 057B544907962681E8AD111D749F3D45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65
Frame ID: 7F1B5151BB99F59CC0A58F08E7BC9ABD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8DBA8CD473AE76C4C2A548EEB23151A9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: AA4523823DC0AD8146FECB1210609E15
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: C556BC831CF9A1D1492018E26B6D3E11
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 025E1305983452DC62FD5DCCAF5010BB
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAErPoH_YTXAAhmdhnEVO2qTCwjdZiYuQ&u=%7CxJlgnc66FllxtJgHmI1qvCRkrG09CcGjMl6rhSgeQfo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nFVMkjE1LG0HMjA84DW7_enpHd3FRTADViZurdkCAU2MvQtl6MIvzBzFzk5DBAvVQjI28njr5_KILDWZl1S7ySARn4aAXMRrfIiYRFPeygEpdMDevtoKaljofiCU3mjvA-ExXfewkAtxxKJt4_iUvJHXISsLzH7NEaWJQyiZUvuTqWYhSMFBhW2MfX_T0P6PMrkJqpiYKqFxBVAb6fWPuSWp2j7hcf01gKr3ebDNdG8XZRaAYwinfNP2B5S2v1vgfYg_5kM4G6BdHN4ubpF4IotUrxVJi4mtThh00svcvYjyJFgdLFM0JomUgKvDvyZDt_PevpBU8QH5_IQ9RKYYOdJI1tssa4BgHz0tmhzSRcz-oe7b18sIW_Cm9nFYSsuQgOGrLd8enum26eeoH4E6VAJUkkx2UoRKqC5fCvV3WNafTEeB7Q3P-UVrKSJr1uqgjZfo2Ep4GESRnI3IM8fU3SXLAmeNDG7iCyPdKzjYFEGzMSreHdAzQvHuldUZ0LgRLOXkW-6EBn97ejkUOhiSwIxn0VEnFIh80CmFH4fBl9tR8prt2MbKMHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRilh1Gm2Y_rZEteJ9u8P9syhgAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTiAU_Q5nKJzBN9ct01mvGhVrAQzLCu2UWYqM710cHA4-MWKF7wd9wtqKBVTBFz6nVm7MfDT2wEHzbsycHQiTE0Vblm_XpgQwfUH4DKa92ESrEaD5l6rMtpEl9FIVeryih5DE8AwNMI_BnUdjgCs1SAXEEKsyFbgF0MSCKcJ2G5kfo8fAqTGFAlwhFCRaFWDn82aelEwedzpr6B7i-r7C3Qvuu6adKuH3KK91YDHEGJPR-_B_QyBq9jB-T2_cmYWOu5dn6rD39KW6LvYP7r1gL0q_9ZH6UemrhbP1AQ9d-Ot4Riyp6ABpL3rPf7vsa7K6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2noS6eQ9N_YmE30s8NxY-IbGA3MA%26client%3Dca-pub-2108338005955045%26adurl%3D
Frame ID: CC4E3425DE4B5ACF8DEAA95827A0E26B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW_qINExxlb5BnfUFXzBJcK6VIYoLy7t5SecBGaqqplaEaLRLWBswpo-0vRCYYic88KOFslpm6RpD6ymvMGCYkPMHR0Fhsp706B69F19Av7iaP7euVkQQQhgzZomAh7KVFjDV83l9R8l8-tjPVcyQgaSWqxQQKKHia-R-TmsQAeaxnlInw
Frame ID: C6B35E0C919DAB58F66A2543BEF22465
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2JtH_80WFgpHog2NVJw3UIVlfT4YXfUY_OUQL5x0rBFAfO2sZ1g-2cn6MDMVQC19ApvH_p4WdBc8UONGV2HwN-SP2oDrOtd31v2D521JwqL7nSClWY01h0ARN_GQGiy72gTnkBVqbI1ja-EGHNk8gi5kcP6vPBpMOz31vX8z7NGqFer4&dbm_d=AKAmf-D0uQsTknuxwztnYAT1p9rByhrVKEpJnab1oLL4gUI7mW8xgwLILo_OpoMdG0JQD284ikF05OlDCP-fOYCbh_WbmKsU8qHUvglQkNHPwM4iXIYjVioVnogx2pmdoXkAyv2iJT-SGLMtEBEpvkReDYVPMgoawJCAnr5KDOG9l99qYL3UGVqoJ6DJgWlG5YyjkHqDYt_0-u8QYlQcs679URd9CmAGWlQIIfL5G5OAEY5BdN1y0LMPqZpnXOwKr3OMIvE_K1aiU1nkTpNRIAP0DAa-kKwZt8BY1a03Tgw2wYNnKZPTycWe6PnHNIrs6f_TwVdQC8wud-QHgamYF4Ro5bkbInX4TEf50y1PPPmkwHsrGUHUxowS5nu_v8m3DxHO9gVIQrHA4GdAHjCgYnlaaezIeOmYXyzDZy8M-FfI-vaMZKlh5qLHpAnsXt-JVswBFRyXTHQsnwFHMU58GoQ9O0zXWuuObpyqnJz_i-qan7a50GV2dGDf0tyUai4LC36RMM2f6i4wRZNTl_Rs8OosVOpKbyrLgGAmK55WSrdyDn1OeakGJwDZ6T4U_D2tnBcrXKRph0cIbmWb77-eIobRp9Xtb99h7pOvJxppFxhjhftCisj1rXaPm9rvXY0faRNEk3qqIiOft8S239hNUUw6gN-tmyroOub8ubFMAHJS_A3WeHsdnEkwR7N3yeSYW8z56qWaw--1D-7ZhwDJixl-slDl_g97ojHgkrv8RIenRB3-Fu9oN8aN1qeKlY_L4r7JLY644rAnU_DTIR1LF3UsDSPQDMk5COgDF70iUKEO-vGJOB4TV-GLnUwiv5qpu3k6LH8AwjQL6JVmXyJKOFaMpxJOi0vlo8egkAlrCJdhQ6GR8ujlUfwuLb7evpMtM-ffSMtJz6tDIFHnzmX_JQQkCqJn_1c_vGn1V3tsnoBDYE-55IwMvaujLIs0aZN5TzJm3prFTBn8IuSLx0i9hP6SSxbSxQHwi08ZI2jXg1VxvtvjqD4LZsM714p2vhptKqIxdOSuImQXWgXLXdheiGCjZr9r_au62_exVDIJiH77C_aQDSN8NOAAr6Jl_1A8xIiDleHZ3S9sNnezMZ6GtYwKs0pnfMFgl1vuBBZFMi6dscJNeXa2QxPspOUpThQuXMj1bnKxPxNfiJRRaC5LPYlzLijyQwMmN2HKPggNMXX4XrftBN1b_g2qyOBBZHUqrWGGTlEHi1lPAICzWQCy6LchXNZljBcJYfHMwX_pYBEpk7cym2pQPYecVu-C6sEVwDp40ITzMqCdw3ZkwLXw6tvemVZG4eTmW9b73BVxP8LX7ySa8O0XUUA8aTL24U20HjEoFeEh_vFWBAOFW0rKurhaqNhxcuX8RHVPsmFDdPablAYecy3V2KqSpbQE7c5iKwpzrxmHh9y5gLNpSXL8DNPcwGF7FGcHVrICcvh6HS8pl1VyWIIKaX03W9WAuG2djBh2pcy-WHZgztxgFhkuHOWZm4fFUryFBZDcGjeQIxd7HWOyF3HLERiWuzdHbdvJ83rfpIbFhk6HzoZEX6KjtmpFiFU_eEKuIqt9hZ5MlmZ0uJRy0-pjiwM4NrZYhKq8hVhbQYv0Rba8VbMBasl-Aqe4kSljC-3jUiH_oKN1VUbso52Mx2frUsH-anNzIagpEX27osIeWGzvPUuTBkkQLGqHVBkXukyU1Hi3J6yR8TCoP7WLPfMFHsRiCWyt2PRuSevHmlqLFo1Pj0QEj5unR8YDlPm85rc9X3w1QgR4D75cvp9rm27QBWxTO1KE8XBTDl3qWJUN6oLC66TL5sVkwlNS49Yr0FUVxujh2ZHaTLWsJqlfb3omAm7cEJmrBq01QHNqzBDaqk3s9MliLXwFyvzvYrADpdCTPIkMxuCjJKHSb9LSCuIQ8cJSz80dkSZo58Uhh56IGBuQwmZZezLbBbLiMTYdndkL4M56zRa1sQQ6qVx7j9bomENmpt1Z2urR_O5d4EDQjj9med162IAxF7hkrSHZpmJAm1l7BA8bmNkjMkKZQgRgS6vs0k4gsofG69Zo43ZnqoCzNNkPaUDP34uwPqX42ue1OD3GeS_Sy78J5fTyPRAjL1fkx2kSJzumqMSZc9oHCbhzKX_45gN4bys3JTbBRCaDnaLhbdZF-frJZAwA8uDFUh04iEMEbx85dVzXWXM_WXgksXFbmGVbIviUySg9oiV2WWHnHYG2Ej419eJOh-EXBVELjwO6mc7NUO5IjWsvlX1hwEJy3FtfhUdyZhDP2BqPTXIGxvqij4Pr9xSnM76mgiVkMxOsIsA_F4bO6Ew_7isDpPF6YaHQ8D5CdyUOy-C6ABBS9fP0iOaiogBh4jWFsGN0nHbLjkfMuinhEEwp5Ykiv13vQigp_t9Bfc3xvvfohZ4nkRXL_2i5u9jw0tLtcdscs66KhZ2uqUL_Sx5aiUiqeJ00p7c2S33xo812HD2AWNieM-_Uh9JZBMjjc3KCRslhQ1zJ7dVrFIyfHocloCKW4qng5v3HLnGBRihYBPknb4H3Q6kOXd0OkglNyW1gYBZhXZaWpI6T5WHZDbgaFsKoeUMqMAhx86OjI2_T7OIEO_KOLYMOVqBSiM3uuOr_KlRZZ_N6e1Pb2nQjlys7tKpTTkH4FKsarF9dER5rhRH1wq5j6pgtOsZoJ4t4s9BqzZWpza76ZjFS1udoM-Lz97S08_iOeijQ7Bm6Gu9HYg2I0BSAM53NqZG_iOMUZnmorIHADz9mS9hdaWdStr9BFNWfp0-EJgMyXTHFwxk-kw7hFU4bRe3K-iJ0wlYIcRDUuj4rj8Sp5TZde2hjJTeKP6G9_90wuyUHhHfer-O_KClJ2tBpHZJ6FTTgIyt_bndVCbJUMA14sIGR0HRS2lQFc4zBuvUcQL8jrZ2Zz4n-KTZoKksQPxnYhGyd4v1fcS1kX7Fj_QddHMsIRiYLdaFmiVyZPgUdAgywEerWxkcfVt_Gp-RFmAVFUjxKtNqFGMCRkg29tF-7YhBMDYPxD4Mg1yPOBCzJnhmxfF2SEAB8gXcflmZ5PPv6tHwWfzHDSm9M3IO3YsGr5GK1L50Agg24a71zMfaMZ22daIDCGYFSYUCy4yY7wmHvJxtBh1YzX15FOCYDh3_JB4BDzGT7NVkQp1i8ent0E2QpGqmpA5XLJqv56lmaPs4_boJKbCnYvrhv5rSv_RY1cOZJdE2gk8yv2lh6S97zm5To9Nm5yndEKAmsehoLrEJiSo7PYIXU6cGmEsNcQyIKGkw91L9BlW4yOxVMQbJK4NuW0yK8uROB8t-nFao4ZlWuW1eTLX7u6eyiE_XsZhzPRCQLeaN53V6j4oZTYJ4zc4Gy6Jrl5WtkFkHB0tGTcewI-4vNO93WhjBvz6vQdGacCtQp8vRVK5ml_ZmOgetStCQaoG2Fhas84LuYe-1G7Wy-icW6Tp6ttD24Jrn2zuXrQ7wo0qsE-3TvxnJoIf0om0I5T-45TqUWKR9G3kHw0V-SeEcVNuQvadUEWJGXBzwW49YEqicKzI_fNSpwXV_Oa4qawq-M1td8tx0DoyodzhTe3oG6bkfBlb0MckkHi2dU-XgdraL0aa04WlOwaCqC7iD7WHQD6glqfKQ-sHudxHYJ0LRhYUSRMUta8UXwTrxguY6jQYwwEtFvBMhRIiv8iP_xlJbjjzyItRjJzvRpbUmqr1ednhTXAcFAD-UNAJtw6_T3g4mZJy89S5zbm1NLeQUEfgHPTyb5rRvVuJuLZuuqE6BmqQGtDfh7g7OsYF3wh3dq5v6X46OKw61s26KbXo2F4sSaP5EvUrjY8j71KO-D7pdR9U7T6JC1EvEOWOOh0Zr1Dec3_gLNmfyiROWsoMkrogW4lKUig6pwMvz19J22GegeWuVVPQ6iKp4ScPYBR1Nfn0FNagX3MZ26PNsK08MIbUbYEPUL1hUnDPVpJ3-IVWuaFu-r39veOjZTmMXttyuSd0OvD0y4yNvWosr6pz1VGopj1FoQAPoczEc4dFza-edDqYc-pMki8UE&cid=CAQSOwDq26N9DbMQLijmtzCPojjqsPCJkePvxjvlsmvS_N-_J1VnKiGcgpf3KkpPMhG0PbZFievq-dUpHaSFGAEgEw&rfl=2%2Chttps%253A%252F%252Frivnepost.rv.ua%252F%240
Frame ID: 5D566334E1A9769217C31A1284C6C4E6
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cojb-1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5AFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bONDTckUme-olKPBqxlh-kAoS3mKejWkHUO95G3tuhsxGLbqDFB0OABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEwODMzODAwNTk1NTA0NRgA&sigh=Cf4MP-eUQeo&uach_m=[UACH]&cid=CAQSOwDq26N9kEnbnJMEu-JLQQjtRcKmmUhUGvzFQBrL6gq-MbWdMuOMCCE1g9tzF2mJjDzQIIIFjVgd9LFBGAEgEw
Frame ID: FBA539799AAE894DFE5CD4EA18F491C6
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Frame ID: 8827215B89E637E3691AB42CEB486DBF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21AB115967B8A1B1F7CB88D75936A641
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CKL3I1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5AFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUj8yp3ScuFCg5YrhzMFEgMzb8iWTOP5TI5ZLcf6l3guiR2iDdXmX2ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEwODMzODAwNTk1NTA0NRgA&sigh=jCbzTOqWsxE&uach_m=[UACH]&cid=CAQSOwDq26N9Gz-ATEJhWYxhDaKudx2Giw4Em5EsyTHnXcYDhhBlOxci2Oy7YObqNs9dqiBiUg12U0c7GS0bGAEgEw
Frame ID: 900B175C1C8CD421E81ED616A855C9CB
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Frame ID: 0EB8EFA09328A5D0638E2CB9D6D6FD7D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3CBA6E3C8C4577675E62F9C31159CFF9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COaYx1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTkAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuLer-yWYGStMz3RmYOTTqYHDXLHwyO0WXoJebNMV3E4m5T9yFbRZ4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTA4MzM4MDA1OTU1MDQ1GAA&sigh=ecIe-ESYyqw&uach_m=[UACH]&cid=CAQSOwDq26N93bT6P0QSpMR2ksgS6SOFeFk6x9o46Opwh9uQ84kSc2YxrO9yFVIkh4ilwc7mhZH6pK8eUPLbGAEgEw
Frame ID: 54C06AF26F261DC8FC8C5EAA5111E92C
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Frame ID: EEF5BA627645D6D67AB343E972DAA5D6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7D96AE44C6B44DEA2D21E885DED360B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CmBIy1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTkAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQwPq5pIv0OENwNNb0LpZoAmOzpxk-pGmwFGiOd31BXHRyeeCDmXEoAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTA4MzM4MDA1OTU1MDQ1GAA&sigh=66ab8rQ3TmY&uach_m=[UACH]&cid=CAQSOwDq26N9mKir6MFaIUC6U7OBkFWoCbRo7MtAt3HvTCA7_XSwiGw51m5isfK_cajqL_bcxuyXnMRpAnBHGAEgEw&tpd=AGWhJmugh1FjeXIrcbfptD5rumM8DLxav_c4r24xocB8emvIBCv_NeK5irjMrQ8MiVn6ObGaC0KfF8WRF-YYMw7R3iSu359sOTAhm8WR2qfc5jugIwBsxExiB899muhESykUTatIxXyEkQTFoYpWmDAWrL53ibJyUJ2oAUhLeXByBJcxa1b0cY4bJG6Bees39LA4NH9CKF_3I3jG1H5ZPBOZV3QE-7968mKJ3Qol7INDt8tC4i1D-XwVq8gvPkFQf7qOeSkHFWZpPP9XKt-2aZMUMeEtbm-iDFU7ogM1F9BBVZbp3ELtvJEiFcaukGgXxwmPOCcpomE7PqvBrE4wjJr5QNk2wsRCPlLoSiDa2hxDxhz1bnVuurStG_jJ1r0fGt7Ro5JaP0RkG8107EeBk0NZjMH3HfQCMtRZLx1C2lCVDcqTannFKVwwG2932L6kYlD7ZMARIdnUnobOG4KylDQ8sCs4J2YGOkyThf_2UUWsKT5TwGXSIkgjNGolLXw0IryDkQI0dREeDegxPj2D-x7l03NmEJwvtErl6wncOZlw8_iUegXUvQvGEsPRx7TPfp1Lwd56OaAtDKM6f-AIL6d2Ij10YFRHenDh0vQLSmE5i1EFMzqIUpRytzjQEpjfw-lEJ8I66LdAGiGkiaWdvYGBrHmDXOlAbG5Dth94cVyX2IVvWCQM_jMsKOF1EqCAOC7p-qG_xqgvzkvgzj_ZGB3LPJL3zcD7dB2K-b7W4XGbGUQg1QrYNovQNZtePr5QZoHyGOfkyisXuJX-Z52bdBwJCBrPonX5EN7XlCxjlipgxrkMaygzCd_lR1XBymAEw-aIuSP-Iz7G62gJEpL61Nf9VqMS3rjhB1N12AphRQqT4jCjA_GDgUh6FHIaT6CJVRWbRBpwblFjvhchTmqHM2nzDydrzHYqyyTRcMn7LbsDVT7nQhpi78Glrpn8D9cWA8WqT8Y9ww82Dq8J8KzJbYksTX-UUFPHizG3xtGief9dNBCEKtjskLYB9KHZzt7KsV3LY-X2aH33bAZuDkX9YSkoL-JPth-fBhvv-e5tub23FxduZaMRHMmczpoNxjsHOvrPSNlEhxRzKlEWRqszcQKUgdzf5SCgEsT4bfbs5UzR
Frame ID: 55EEE6655F7F6A5D51052DCBF27D082A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 08E97E84D2A18C44655B84D65444490D
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019
Frame ID: 277343042EB8A291B0AD206D4264187F
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A96DE299C6393A216C6A3D027705B80
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E46E3BCA168CEAE51A8AA3CFCC1C1D4
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 93FC64F114C9F9850E26FBC84A9D948A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D10F1EB3C26D98CFAC9D6FB40293D671
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
Frame ID: B713499AA53D8DB3E40058288F97D2F9
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CC1B4BBE373F5DE607987B8BC3FB4A10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7DDB2A756379C0C79DE9E0B00C991759
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: E3E08084CB548B1E3FFF8AD0FD4FA687
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=69065900021213600951399012195005&actionid=981741&produktid=&dt_url=
Frame ID: F2438EF38D2F6E54BAA84AF1720DCFE8
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368
Frame ID: 46536E70E78EACFFFACAB8E3F5E4F0F2
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=69065900021213600951399012195005&a=1f1e9567
Frame ID: 832CBC81B904E0BB9BA233233DF27582
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F1ACFF1435577FC60C15CDC02DBC4F7
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 96C4A71CB5549CD9CBE4FFD021587914
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Frame ID: 8719E21BBC77A0ECBA8A210993719C62
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Frame ID: A29EE4E631548488825E8E64B43D0A88
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Frame ID: 4E35A249A8F3FC1279C1C4AF199E59F4
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 5F4F92B748CF4D4E8005CC2C7297F91C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B79A946D20576D9C0B25316357890C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4214BD2432CA075C68DB5AB856BB0AFA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Рівного та області — Рівне Вечірнє

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

446
Requests

91 %
HTTPS

46 %
IPv6

61
Domains

89
Subdomains

65
IPs

13
Countries

8469 kB
Transfer

14017 kB
Size

71
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/RivneVechirne

Search URL Search Domain Scan URL

URL: https://plus.google.com/118338512088016494116

Search URL Search Domain Scan URL

URL: https://twitter.com/rivnepost

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCnAnR9Vz9mCujqR8iPc55xA

Search URL Search Domain Scan URL

URL: https://t.me/rivnepost

Search URL Search Domain Scan URL

URL: https://viber.com/rivnepost

Search URL Search Domain Scan URL

URL: https://restauto.com.ua/

Search URL Search Domain Scan URL

URL: https://mobileplanet.ua/apple-iphone-2/apple/iphone-14

Search URL Search Domain Scan URL

URL: http://vodarivne.com/

Search URL Search Domain Scan URL

URL: https://www.ez.rv.ua/

Search URL Search Domain Scan URL

URL: https://happy.rv.ua/

Search URL Search Domain Scan URL

URL: http://rv.uar.net/

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%80%D1%96%D0%B2%D0%BD%D0%B5

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%80%D1%96%D0%B2%D0%BD%D0%B5/10-%D0%B4%D0%BD%D1%96%D0%B2
Title: sinoptik.ua

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A818395530986%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A639471813%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Ast%3A1672899028&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A818395530986%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A639471813%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Ast%3A1672899028&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 71

https://mc.yandex.ru/watch/45619668?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1446949455564%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A256191159%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Arqnl%3A1%3Ast%3A1672899028%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/45619668/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1446949455564%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A256191159%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Arqnl%3A1%3Ast%3A1672899028%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 85

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9874.Qu_hD40KQqHJIswTmU-WNt5T2vsO3B_x9qlI8dAf3WvhLsJRJam49rzZXklcAiBb.GU55Q9U8G0-M8D-kQwAgHJJjJoQ%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9874.GA3xtXp5PQ6gvGy9WNDHQU7imHvW25QXZSwxDvlZ9uPtqQyQIkpMip8-_bRQFPrkCBThL7efF1Hb9qrf5yNSrrMAapwOL69ebxbt-fuQmXX4J0Qnmlm7qLtxJdbTOeHwQ9f3sbS1vuWB9OS21K9sqyXQFPkYyeYo6L9Wdxe6EE8MHPITZ2MKfVM_daasKsChy9epDwjPrVR-IclEqUMpNealLUeUdmeiOtdop9hKY7U%2C.GaZIKshhYKF4If1mOF6arJ9S3Hk%2C

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZSciXNX3D95929f61XY_k&google_cver=1

Request Chain 207

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D

Request Chain 234

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 235

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJx1OdLVm2O3u4qypLSY56w&google_cver=1&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uPD02Oihq4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uPD02Oihq4&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B

Request Chain 236

https://d5p.de17a.com/cookies/google?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ

Request Chain 237

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7HDbuKuFWvr1oYnI9tqyg&google_cver=1&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7HDbuKuFWvr1oYnI9tqyg&google_cver=1&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg&google_hm=F7xypGZHtVtU4x5vTvS110N8

Request Chain 238

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH2CEurmo6x-wmdSHQJEaEI&google_cver=1&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWVZcVIz_874HANZIgNhigXZgKD37Tf2O HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH2CEurmo6x-wmdSHQJEaEI&google_cver=1&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWVZcVIz_874HANZIgNhigXZgKD37Tf2O&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TX2ZuSUtCRTJ1RkRJNE9RcWZqc2tHdUdQYjBLRVNUSn5B&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWVZcVIz_874HANZIgNhigXZgKD37Tf2O

Request Chain 239

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0OptNmBtibqyZtvhkuRq3tIF_sVaatVqwzdVOTQ3rX4UPnhJWQBVA-OeJbhVPumqDE8xa-BuEgeRwjt-VpgyMb_UNzwZT_1uYV0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OptNmBtibqyZtvhkuRq3tIF_sVaatVqwzdVOTQ3rX4UPnhJWQBVA-OeJbhVPumqDE8xa-BuEgeRwjt-VpgyMb_UNzwZT_1uYV0 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 268

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELqoerPQr-AcaOFdk_fQILY&google_cver=1&google_push=AavPq0M2udemZuOsUkRLhhSZBHydoP_CFdNs4rIWW8mBAzCvIvibpN8Svh_gXyXLIxy6zj5z9pgS9XJATjWib9Eai6_kNaC5vA2QFG4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELqoerPQr-AcaOFdk_fQILY&google_push=AavPq0M2udemZuOsUkRLhhSZBHydoP_CFdNs4rIWW8mBAzCvIvibpN8Svh_gXyXLIxy6zj5z9pgS9XJATjWib9Eai6_kNaC5vA2QFG4

Request Chain 269

https://um.simpli.fi/gp_match?google_gid=CAESEK6kUuR3h1_dzW2cJ8LlJ-g&google_cver=1&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2yarSIQoIRnCof6UOo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB62F52BB95E433E8B11F5F66C9144ED&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2yarSIQoIRnCof6UOo

Request Chain 270

https://d5p.de17a.com/cookies/google?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss

Request Chain 272

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOYuqo1Io_NWo5YTqdb6E4s&google_cver=1&google_push=AavPq0NnVJuPdf8ZY7RpUQp4g3z9tnbS3Bj4bV0KQFC403Jnc7UoBKAYdGZSTaBT_zwkU5eLASvq_2SegX1oq19j2HyiefGfUpk-3Qg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOYuqo1Io_NWo5YTqdb6E4s&google_cver=1&google_push=AavPq0NnVJuPdf8ZY7RpUQp4g3z9tnbS3Bj4bV0KQFC403Jnc7UoBKAYdGZSTaBT_zwkU5eLASvq_2SegX1oq19j2HyiefGfUpk-3Qg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yPA40AEyRdu144EGZSy4zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NnVJuPdf8ZY7RpUQp4g3z9tnbS3Bj4bV0KQFC403Jnc7UoBKAYdGZSTaBT_zwkU5eLASvq_2SegX1oq19j2HyiefGfUpk-3Qg

Request Chain 274

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENgE_i-vqVYtlF4BQ9m57jw&google_cver=1&google_push=AavPq0ME8cPIVzgc0Jh4x3ieN5qygTvUge8h9H3u5GZAtirZpcIgYMdAhN2t7hOQ670OAcGuyCIhvl0is2e3ea9KXdu6hX6gDzpNziM5 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENgE_i-vqVYtlF4BQ9m57jw&google_cver=1&google_push=AavPq0ME8cPIVzgc0Jh4x3ieN5qygTvUge8h9H3u5GZAtirZpcIgYMdAhN2t7hOQ670OAcGuyCIhvl0is2e3ea9KXdu6hX6gDzpNziM5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7aa48db-8910-4640-b64f-709259b173bd&%%GOOGLE_PUSH_PAIR%%

Request Chain 278

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64Yiky2gNzga1s_I3D2--Da2Q6BHSp9wMIt2rWon6uAswYgsNW5EQeuIRE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64Yiky2gNzga1s_I3D2--Da2Q6BHSp9wMIt2rWon6uAswYgsNW5EQeuIRE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64Yiky2gNzga1s_I3D2--Da2Q6BHSp9wMIt2rWon6uAswYgsNW5EQeuIRE

Request Chain 279

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_cver=1&google_push=AavPq0NFOxhwfX-i4do_p6pSIbPXc9-_y2a88vMuLhPc6u9GuIxn5PM_Du-akRUGsbY_luYGQ0NHqzKVcKrLIUV-n93qAMFcskaH2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAADRcAAAAB&google_nid=index&google_push=AavPq0NFOxhwfX-i4do_p6pSIbPXc9-_y2a88vMuLhPc6u9GuIxn5PM_Du-akRUGsbY_luYGQ0NHqzKVcKrLIUV-n93qAMFcskaH2Q

Request Chain 280

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIr_-wfYyqpldFg8Hu_8x9I&google_cver=1&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQvSDaO4Ao1ZalUWiU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQvSDaO4Ao1ZalUWiU

Request Chain 281

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2wo-t9WwglVLYjD8Quo_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2wo-t9WwglVLYjD8Quo_8

Request Chain 282

https://match.360yield.com/match/ebda?google_gid=CAESEMtuECY2OIMkdG-VwkuVaeU&google_cver=1&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zyGwi55vrw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMtuECY2OIMkdG-VwkuVaeU&google_cver=1&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zyGwi55vrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=M_19RYNaRDy0gpSG51GVvg&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zyGwi55vrw

Request Chain 283

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0PCie0eVnYjMqt0FRTW4LDDUYivtByt8xpi0TgiFKIHHSm9g8f5yKC9rpYMj4IdgoRSfPQSHtZB4JzmYpzc6qsiPbe8giIl5Akr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PCie0eVnYjMqt0FRTW4LDDUYivtByt8xpi0TgiFKIHHSm9g8f5yKC9rpYMj4IdgoRSfPQSHtZB4JzmYpzc6qsiPbe8giIl5Akr HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 284

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxSw_VV5hyBXwL0bSRoJvhb6wcRl8dftOc5fyDraiQC3qbkmlamcO3wlnxfhQCEa9pk9XG8cyX8YOIUYYZoAYgPI4W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxSw_VV5hyBXwL0bSRoJvhb6wcRl8dftOc5fyDraiQC3qbkmlamcO3wlnxfhQCEa9pk9XG8cyX8YOIUYYZoAYgPI4W

Request Chain 289

https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 303

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 309

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 316

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1&google_push=AavPq0OuzWqoKVM5LXHVT2x7gk611wJCKbgyoSLmPYm0wb0x7_8pyq-PORjfKY6wFvBlU6bLCH1AM0p68DWYTzF65xqPaaH7bhK_uA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4NTQyMDAzODYwNjIzMDI3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1

Request Chain 317

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGg8GgZhpkNaU6R1rA2N3Y&google_cver=1&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw4kDIyINLy1_dXj-Hpcung95dngDSwNSptDEnFNpQEFzw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw4kDIyINLy1_dXj-Hpcung95dngDSwNSptDEnFNpQEFzw&google_hm=R5lDdlsBQ001Rb6aefR2AQ

Request Chain 318

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0NBY87_3_13BL9fKxeSf4h_eMheVe1O0sVoD-gkezVYESggCmI-UR2wWEMx9zkSF2KQ3PWmcEoNMgjXDznP6bNKkTcJKuN_EA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0NBY87_3_13BL9fKxeSf4h_eMheVe1O0sVoD-gkezVYESggCmI-UR2wWEMx9zkSF2KQ3PWmcEoNMgjXDznP6bNKkTcJKuN_EA

Request Chain 321

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MGCpJ7Oc6MA2HI9Vnga6pJrSegvJQQs0Ew&google_gid=CAESEMVHJ3GTg3Gg-R3d4IBHJoI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MGCpJ7Oc6MA2HI9Vnga6pJrSegvJQQs0Ew&google_gid=CAESEMVHJ3GTg3Gg-R3d4IBHJoI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMDUwNjEwMzAwMDA3ODg0NDg3MDkwMA%3D%3D&google_push=AavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MGCpJ7Oc6MA2HI9Vnga6pJrSegvJQQs0Ew

Request Chain 322

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJx1OdLVm2O3u4qypLSY56w&google_cver=1&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P8kyHvbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P8kyHvbw&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B

Request Chain 331

https://pv.medialead.de/trck/epv/e99aace94e6e5873c9ff436dec89f16b?subid=69065900021213600951399012195005&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=69065900021213600951399012195005&actionid=981741&produktid=&dt_url=

Request Chain 332

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368

Request Chain 338

https://pv.medialead.de/trck/eview/e99aace94e6e5873c9ff436dec89f16b?subid=69065900021213600951399012195005 HTTP 302
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_250x250.gif

Request Chain 370

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGg8GgZhpkNaU6R1rA2N3Y&google_cver=1&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5XBds4plvAIaMFmJZKC1MWTV8ClPkJBS7lQ7N7r2gsfsA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5XBds4plvAIaMFmJZKC1MWTV8ClPkJBS7lQ7N7r2gsfsA&google_hm=R5lDdlsBQ001Rb6aefR2AQ

Request Chain 372

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGponh44OgVUOwr1dgcvdpc&google_cver=1&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45yUujbDiTd74aASk4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QkRjtmnVSwG3Q5Tad24YNQ&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45yUujbDiTd74aASk4

Request Chain 373

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC8Lggha9el735vL7nTnc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC8Lggha9el735vL7nTnc

Request Chain 374

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELxUss0UtYYnkUpwL2EViLQ&google_cver=1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672899030558 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-703f0125-16b4-41cc-8d8c-314cac1ca49f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w%26google_hm%3DA3A_ASUWtEHMjYwxTKwcpJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&google_hm=A3A_ASUWtEHMjYwxTKwcpJ8

Request Chain 375

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJqT2PwUoWeklEFbJ5_62zY&google_cver=1&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-SdENk HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-SdENk&google_gid=CAESEJqT2PwUoWeklEFbJ5_62zY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1NjIyMzY5OTIyOTkzMDIxMzUxOQ%3D%3D&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-SdENk

Request Chain 376

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCtZmy8xR1I3vugQRLnrNU_a_VitqBN2Z1sFDBH46NOYAXqBo5vnDqC2vIP50KIMD6Y1lkAByr-wMkYLlAO_XCVZuL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCtZmy8xR1I3vugQRLnrNU_a_VitqBN2Z1sFDBH46NOYAXqBo5vnDqC2vIP50KIMD6Y1lkAByr-wMkYLlAO_XCVZuL

446 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rivnepost.rv.ua/ 150 KB
21 KB 209ms
125ms Document
text/html 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

cc66888ba5462f9ed4ba6b78735ed6a711a7f9d1ff7d9a72356b8fe33d43f546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Jan 2023 06:10:27 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
rivnepost.rv.ua/css/ 79 KB
19 KB 35ms
34ms Stylesheet
text/css 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/css/style.css?1666945772

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

774568050d8f23c45ea5ea5500490dfe711b1d659d1ff5adde1f43c4e6b31d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 08:29:32 GMT
server: nginx
etag: W/"635b92ec-13d34"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RobotoRegular.woff
rivnepost.rv.ua/fonts/Roboto/RobotoRegular/ 42 KB
42 KB 67ms
67ms Font
font/woff 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/fonts/Roboto/RobotoRegular/RobotoRegular.woff

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

02bd512e4b796331633cb3ef1147566478b2df904fbbe8be15df6c2749f34641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rivnepost.rv.ua/
Origin: https://rivnepost.rv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11 Oct 2017 21:00:00 GMT
server: nginx
etag: "59de8650-a818"
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43032
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RobotoMedium.woff
rivnepost.rv.ua/fonts/Roboto/RobotoMedium/ 43 KB
43 KB 68ms
67ms Font
font/woff 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/fonts/Roboto/RobotoMedium/RobotoMedium.woff

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e26f3c9c4b3c4c9b3d6b208aca35af098f2f5d64d60ef9cbaf868667f08c0426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rivnepost.rv.ua/
Origin: https://rivnepost.rv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11 Oct 2017 21:00:00 GMT
server: nginx
etag: "59de8650-aa48"
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43592
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RobotoBold.woff
rivnepost.rv.ua/fonts/Roboto/RobotoBold/ 43 KB
43 KB 68ms
67ms Font
font/woff 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/fonts/Roboto/RobotoBold/RobotoBold.woff

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

a4aec4617887c42671adfd70486d78b33e66ffabd89bf240decbccb07651a453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rivnepost.rv.ua/
Origin: https://rivnepost.rv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11 Oct 2017 21:00:00 GMT
server: nginx
etag: "59de8650-ac98"
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44184
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
rivnepost.rv.ua/javascript/ 84 KB
33 KB 68ms
68ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/jquery-2.2.4.min.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 17 Jun 2017 21:00:00 GMT
server: nginx
etag: W/"59459850-14e4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 231ms
95ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2108338005955045

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d575abcad806b32b73b96f401233c879209ed9f3873da9286d3a21b7cf9e45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Origin: https://rivnepost.rv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49652
x-xss-protection: 0
server: cafe
etag: 9701609700832581428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 141ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15709504-1

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f362f09cdbe2789b7d2e274901293bfccfe090c59baa48c2fbfabbba44a5a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2750
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 07:24:37 GMT

GET
H2 200 magazin-elektroniki-mobileplanet-ua.gif
rivnepost.rv.ua/images/adverts/ 25 KB
25 KB 39ms
36ms Image
image/gif 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/adverts/magazin-elektroniki-mobileplanet-ua.gif

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

219e7dfc44c71a52ad3e28fa1742a7d10747d84f164c2798be24ed23386e26a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26 Oct 2022 14:19:29 GMT
server: nginx
etag: "635941f1-6426"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25638
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vodokanal.png
rivnepost.rv.ua/images/ 27 KB
28 KB 40ms
37ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/vodokanal.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

6665e3a0ed76f324c68d2449041ae4297d8d133674263b616b586b9351619206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 09 Jan 2021 14:51:32 GMT
server: nginx
etag: "5ff9c2f4-6d29"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 27945
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ROEK.jpg
rivnepost.rv.ua/images/adverts/ 98 KB
98 KB 42ms
39ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/adverts/ROEK.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

313d73db3d7e386fcd2fcc9a250884bd4c093a9c1e3db0bc20f3df3da87bd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Mar 2022 15:40:44 GMT
server: nginx
etag: "62374afc-186db"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 100059
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Na_Shchaslyvomu_pc.jpg
rivnepost.rv.ua/images/adverts/ 79 KB
79 KB 49ms
47ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/adverts/Na_Shchaslyvomu_pc.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

9f7b04b664fc1079a2c37a2211cfa66a11efec378448d815897bf534c1644f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Sep 2022 11:07:33 GMT
server: nginx
etag: "632af075-13b05"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 80645
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 informers_js.php Show response
sinoptik.ua/ 1 KB
879 B 36ms
8ms Script
application/json 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303022830&lang=ua

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

ed8e9d019a37c3774ae15925ae3d7be1c3571993a32ee371a71b7835d609df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-store, no-cache, must-revalidate
date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: gzip
x-server-by: sinfe1
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: must-revalidate, post-check=0, pre-check=0
expires: 0

GET
H2 200 modernizr-custom.js Show response
rivnepost.rv.ua/javascript/ 6 KB
3 KB 74ms
72ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/modernizr-custom.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e8761e37f0d5b6fc457e46eb96b986c1d3323025d26cb0f71593742f426ffb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 09 Aug 2017 21:00:00 GMT
server: nginx
etag: W/"598b77d0-162a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viewportchecker.js Show response
rivnepost.rv.ua/javascript/ 2 KB
1 KB 33ms
33ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/viewportchecker.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7e7849d0b122eb6d61212250af1171bd1b28bc22f8401733439b8ed8ff9dbfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 14:29:00 GMT
server: nginx
etag: W/"5a56232c-99a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.photobox.min.js Show response
rivnepost.rv.ua/javascript/ 17 KB
7 KB 75ms
72ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/jquery.photobox.min.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

4226f930e65a38c4a2b00405206414834254ccaf00459f829518844e58c205e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 24 Oct 2017 21:00:00 GMT
server: nginx
etag: W/"59efa9d0-43b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.bxslider.min.js Show response
rivnepost.rv.ua/javascript/ 23 KB
7 KB 75ms
73ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/jquery.bxslider.min.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 04 Jan 2021 17:16:31 GMT
server: nginx
etag: W/"5ff34d6f-5bf7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.tabslet.min.js Show response
rivnepost.rv.ua/javascript/ 3 KB
1 KB 76ms
74ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/jquery.tabslet.min.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

b9dd816eecfdf54b1c0da6183c0a5b0f1ccce385becad77f7d711bd214d59ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 25 Nov 2017 22:00:00 GMT
server: nginx
etag: W/"5a19e7e0-a63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel2.min.js Show response
rivnepost.rv.ua/javascript/ 42 KB
13 KB 76ms
75ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/owl.carousel2.min.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

a5574a57960f1f43537fb456a7b3dc84ceee30603c52b9bfdb1ea9aae7c66ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 23 Sep 2017 21:00:00 GMT
server: nginx
etag: W/"59c6cb50-a6c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
rivnepost.rv.ua/javascript/ 8 KB
3 KB 39ms
36ms Script
application/javascript 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rivnepost.rv.ua/javascript/scripts.js?11618254641

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

3eb27dddff57dcf114566fdce910e4ea41d7445bcedf8a7a1912ad6dd81fc4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 19:10:41 GMT
server: nginx
etag: W/"60749b31-2113"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
46 KB 179ms
85ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG68X6C

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e504b020deabded5ee0d6f257c0aa59180accbc52838ddec106d233204be722a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:27 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 211 KB
84 KB 40ms
11ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d51fb3da034945987b624f6f771a9489b35f196d83f43ecab125869af5ae4bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 42313
x-jsd-version: 1.255.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85687
x-served-by: cache-fra-eddf8230060-FRA, cache-hhn-etou8220082-HHN
x-jsd-version-type: version
etag: W/"34dfe-lTaq29MlUt6eCLmFLZo4qfZAEqA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sprites4.png
rivnepost.rv.ua/images/ 20 KB
20 KB 74ms
74ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/sprites4.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/css/style.css?1666945772

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

4b81a3bccc554dbca429e4e0c91d05147cface6fed0f527b6ae81c40c571e56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/css/style.css?1666945772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 09 Jan 2021 14:39:32 GMT
server: nginx
etag: "5ff9c024-4f84"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20356
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20221114155334_4513.png
rivnepost.rv.ua/img/ 4 KB
4 KB 70ms
69ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/20221114155334_4513.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7edd53db8a75e4901964ef11b21ba64506ea7d091ebb2ebe21c0664c5e6195f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14 Nov 2022 13:53:34 GMT
server: nginx
etag: "6372485e-e28"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3624
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-company.png
rivnepost.rv.ua/images/ 8 KB
8 KB 70ms
70ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/logo-company.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

8176f4510683ca8e677c53050fcc89db9a452f2aa435120a1a91d165ea9f6ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Oct 2018 08:59:09 GMT
server: nginx
etag: "5bb484dd-20e3"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8419
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 na-viyni-zahinuv-brat-nachalnika-z-rivnoho_20230105_7347.jpg
rivnepost.rv.ua/img/650/ 274 KB
274 KB 42ms
31ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/650/na-viyni-zahinuv-brat-nachalnika-z-rivnoho_20230105_7347.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

0b90becb6aff9714af4489d686d31698f3ca47a9db18cc87ee0080c43b47f56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 22:21:37 GMT
server: nginx
etag: "63b5fbf1-447be"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 280510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 na-viyni-zahinuv-brat-nachalnika-z-rivnoho_20230105_7347.jpg
rivnepost.rv.ua/img/300/ 77 KB
77 KB 62ms
52ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/na-viyni-zahinuv-brat-nachalnika-z-rivnoho_20230105_7347.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

f31c2698a1d86ac2a363dc94174ae96b3c4c4552f8a48a3e54947bf969e1613e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 22:21:37 GMT
server: nginx
etag: "63b5fbf1-133c1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 78785
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rivnenski-patrulni-povernuli-dodomu-92richnu-zhink_20230104_9186.png
rivnepost.rv.ua/img/100/ 18 KB
19 KB 64ms
54ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/rivnenski-patrulni-povernuli-dodomu-92richnu-zhink_20230104_9186.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

8ed0585788a4d58cf34f021ff0f3277a3ed46d1f51f32d2e3cbbf9408963bc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 12:29:26 GMT
server: nginx
etag: "63b57126-4961"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18785
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 u-kostopoli-v-marshrutkakh-mozhna-rozrakhuvatisya-_20230104_4620.jpg
rivnepost.rv.ua/img/100/ 9 KB
9 KB 64ms
54ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/u-kostopoli-v-marshrutkakh-mozhna-rozrakhuvatisya-_20230104_4620.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

8fe3313de60c6caf4d1138c94b87fabacbd7487cb62c8bec5f415fce07590b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 12:21:35 GMT
server: nginx
etag: "63b56f4f-22cb"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8907
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 u-rivnomu-demontuvali-nezakonnu-sporudu-bilya-maha_20230104_4455.png
rivnepost.rv.ua/img/100/ 15 KB
15 KB 65ms
56ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/u-rivnomu-demontuvali-nezakonnu-sporudu-bilya-maha_20230104_4455.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

9e37f64261cc0b4b5a5f6ac79ad14a609e79d43d30f3d3a01d6dfcd811663906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 10:41:08 GMT
server: nginx
etag: "63b557c4-3a62"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14946
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 u-rivnomu-bude-haryacha-voda_20230104_4661.jpg
rivnepost.rv.ua/img/100/ 7 KB
8 KB 66ms
56ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/u-rivnomu-bude-haryacha-voda_20230104_4661.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7954f8eaaa36c9c8f73114036f99f0fa555200cc4bb3d8cd69b65676dfe340fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 09:17:48 GMT
server: nginx
etag: "63b5443c-1dd2"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7634
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rivnyan-zaproshuyut-popratsyuvati-vodiem-marshrutk_20230104_9940.jpg
rivnepost.rv.ua/img/100/ 10 KB
11 KB 66ms
57ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/rivnyan-zaproshuyut-popratsyuvati-vodiem-marshrutk_20230104_9940.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

591b86e90f46c59a6e8244c9a630923141d18a813301f5a894f9004c419b8a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 07:25:54 GMT
server: nginx
etag: "63b52a02-293d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10557
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oprilyudnili-novi-hrafiki-vidklyuchen-elektroenerh_20230104_1256.jpg
rivnepost.rv.ua/img/300/ 25 KB
25 KB 67ms
58ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/oprilyudnili-novi-hrafiki-vidklyuchen-elektroenerh_20230104_1256.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

c8e8f301e3ea4f93c90e3f1789684b12ab51c370f11610f51b5c60ca2eb9df6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 19:02:08 GMT
server: nginx
etag: "63b5cd30-6429"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25641
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rivnenski-auditori-viyavili-u-lisivnikiv-porushen-_20230104_4814.webp
rivnepost.rv.ua/img/100/ 2 KB
2 KB 67ms
59ms Image
image/webp 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/rivnenski-auditori-viyavili-u-lisivnikiv-porushen-_20230104_4814.webp

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

50ddb8a77f96819b49e4172fd16830b21eb2b57795c2392e7769b517cf68fa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 15:48:02 GMT
server: nginx
etag: "63b59fb2-696"
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1686
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sbu-rozpovilo-meshkantsyam-rivnenshchini-yak-diyat_20230104_7319.jpg
rivnepost.rv.ua/img/100/ 6 KB
6 KB 68ms
59ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/sbu-rozpovilo-meshkantsyam-rivnenshchini-yak-diyat_20230104_7319.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

29404c82c5a2288701f968df758e8f6fd4699299dee0a2adacf705f6ee50a89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 16:05:54 GMT
server: nginx
etag: "63b5a3e2-186d"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6253
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sud-styahnuv-z-rivnyanki-nadmiru-viplachenu-zhitlo_20230104_2492.jpg
rivnepost.rv.ua/img/100/ 7 KB
7 KB 68ms
60ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/sud-styahnuv-z-rivnyanki-nadmiru-viplachenu-zhitlo_20230104_2492.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

abfb117d952fe4152f16c10822931953195ae00ad6a15a9abd6c80666b686534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 15:19:39 GMT
server: nginx
etag: "63b5990b-1c91"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7313
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lyudyam-vazhlivo-zberihati-spokiy-vidomiy-oboronet_20230104_5227.jpg
rivnepost.rv.ua/img/100/ 6 KB
6 KB 70ms
61ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/lyudyam-vazhlivo-zberihati-spokiy-vidomiy-oboronet_20230104_5227.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

8395294a270cc3865dbd6d5d613612e50e7d5f9f054544df8e95d4755f513e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 14:28:48 GMT
server: nginx
etag: "63b58d20-1837"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6199
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 meshkantsiv-rivnenshchini-poperedzhayut-pro-zamoro_20230104_1009.jpeg
rivnepost.rv.ua/img/100/ 7 KB
8 KB 70ms
62ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/meshkantsiv-rivnenshchini-poperedzhayut-pro-zamoro_20230104_1009.jpeg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

0db5a7df2655e3c5ee1c079264722dc432198b671de42582fb3790a3e4e15469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 14:44:22 GMT
server: nginx
etag: "63b590c6-1dd8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7640
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 epifaniy-provede-rizdvyane-bohosluzhinnya-u-holovn_20230104_5319.jpg
rivnepost.rv.ua/img/300/ 49 KB
50 KB 75ms
67ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/epifaniy-provede-rizdvyane-bohosluzhinnya-u-holovn_20230104_5319.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

9a3da18c68e9552a1ddfcfc19d9be51f1f464eb83b8aa94cbc5fbb050e75930f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 20:39:45 GMT
server: nginx
etag: "63b5e411-c568"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 50536
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ukraina-planue-nastup-navesni-budanov_20230104_9090.jpg
rivnepost.rv.ua/img/100/ 7 KB
7 KB 75ms
67ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/ukraina-planue-nastup-navesni-budanov_20230104_9090.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7cc3b226a8fceeef802a13091d6f0e96ed4222ab88373305e555a8b9e40b8f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 15:55:00 GMT
server: nginx
etag: "63b5a154-1b5c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7004
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ukraintsi-shvidko-stvorili-tsifrovu-merezhu-keruva_20230104_5643.jpg
rivnepost.rv.ua/img/100/ 7 KB
8 KB 76ms
68ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/ukraintsi-shvidko-stvorili-tsifrovu-merezhu-keruva_20230104_5643.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

b109010de8a42aa1daa08dbdfc84859dec8a69f9567cde5463d4d2233b11d993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 15:33:10 GMT
server: nginx
etag: "63b59c36-1ddf"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7647
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rozvidniki-zayavlyayut-shcho-u-rosii-aktivizuvalis_20230104_5112.jpg
rivnepost.rv.ua/img/100/ 8 KB
9 KB 76ms
68ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/rozvidniki-zayavlyayut-shcho-u-rosii-aktivizuvalis_20230104_5112.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

7b814f266598d065d5086eac41af0b67c907b6e0f42e88ed65908f247864a696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 14:50:43 GMT
server: nginx
etag: "63b59243-216a"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8554
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 povitryani-sili-ukraini-poyasnili-chomu-zbivayut-d_20230104_3932.webp
rivnepost.rv.ua/img/100/ 2 KB
2 KB 76ms
68ms Image
image/webp 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/povitryani-sili-ukraini-poyasnili-chomu-zbivayut-d_20230104_3932.webp

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

74cd6899b72be5df6571d5ea0789a87d3a31861fc3577945da7edf945462143e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 12:53:06 GMT
server: nginx
etag: "63b576b2-7c4"
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1988
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shestiklasnitsya-z-varasha-zrobila-nayharnishu-lya_20230104_1343.png
rivnepost.rv.ua/img/100/ 13 KB
13 KB 76ms
69ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/shestiklasnitsya-z-varasha-zrobila-nayharnishu-lya_20230104_1343.png

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

ab8472bb68bf9db2b9a40bb2070e338586f49ce2d66d84f3a211ce80ad378afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 12:26:48 GMT
server: nginx
etag: "63b57088-336f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13167
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20171219161700_7908.jpg
rivnepost.rv.ua/img/ 3 KB
3 KB 76ms
69ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/20171219161700_7908.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

c24ac47bf194dbe50027e830e5c295cafebd2c3b17db96ad7b70f4c5ef97a97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2018 07:09:00 GMT
server: nginx
etag: "5ad6ef0c-a07"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2567
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%9D%D0%B5%D1%81%D0%B5%D0%BD%D1%8E%D0%BA%20%D0%9C%D0%B8%D0%BA%D0%BE%D0%BB%D0%B0.jpg
rivnepost.rv.ua/images/image/ 44 KB
45 KB 76ms
69ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/image/%D0%9D%D0%B5%D1%81%D0%B5%D0%BD%D1%8E%D0%BA%20%D0%9C%D0%B8%D0%BA%D0%BE%D0%BB%D0%B0.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e17874f13674ae869e8066c8590649ad47e8744071f8a5f191b91b05b629173a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Mar 2019 08:18:48 GMT
server: nginx
etag: "5c80d3e8-b13e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 45374
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 veres-zaproshue-futbolistiv-na-vidbir-do-holovnoi-_20230104_2429.jpeg
rivnepost.rv.ua/img/300/ 48 KB
49 KB 76ms
70ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/veres-zaproshue-futbolistiv-na-vidbir-do-holovnoi-_20230104_2429.jpeg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

a06d0ea2b16836a63e22763dea33656b82107871b5ef7a510a0368acbfcc7d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 12:07:43 GMT
server: nginx
etag: "63b56c0f-c149"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 49481
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zakhisnik-prodovzhiv-kontrakt-z-veresom_20221231_9353.jpg
rivnepost.rv.ua/img/100/ 8 KB
9 KB 77ms
70ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/zakhisnik-prodovzhiv-kontrakt-z-veresom_20221231_9353.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

22b39fb5e4a7644fbb1231299e1931e5072954489aaeef4b72bd4fd447c1c99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 31 Dec 2022 13:43:45 GMT
server: nginx
etag: "63b03c91-217f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8575
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 na-rivnenshchini-nahorodili-heroiv-sportivnoho-rok_20221230_7189.jpg
rivnepost.rv.ua/img/100/ 9 KB
9 KB 77ms
70ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/na-rivnenshchini-nahorodili-heroiv-sportivnoho-rok_20221230_7189.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

4fe27dc5603d02799babea00d5a93a207c790d03d2efaffc10272d117c529f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 16:26:49 GMT
server: nginx
etag: "63af1149-24e1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9441
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mi-za-ukrainu-vi-za-putina20220228_7705.jpg
rivnepost.rv.ua/img/200/ 30 KB
30 KB 77ms
70ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/200/mi-za-ukrainu-vi-za-putina20220228_7705.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

61e63537109a4474c39e89760d780386db0240b782c50f5ccc4c5f1fb2afd3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28 Feb 2022 16:04:50 GMT
server: nginx
etag: "621cf2a2-7780"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 30592
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oxfordastrazeneca-viprobuvano-na-sobi20210423_6538.jpg
rivnepost.rv.ua/img/200/ 22 KB
22 KB 77ms
71ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/200/oxfordastrazeneca-viprobuvano-na-sobi20210423_6538.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e3d0b3516ee9881341c3dba8bd0193fadee65c5f230af0657dc8f942610baa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 23 Apr 2021 12:56:10 GMT
server: nginx
etag: "6082c3ea-567c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22140
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pyatero-molodikh-vchenikh-rivnenshchini-otrimayut-_20210417_6436.jpg
rivnepost.rv.ua/img/200/ 26 KB
27 KB 77ms
71ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/200/pyatero-molodikh-vchenikh-rivnenshchini-otrimayut-_20210417_6436.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

0417dead21bcf3fcd769590ebad2c6831a287c8168c7c259376afb36424464b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17 Apr 2021 10:11:38 GMT
server: nginx
etag: "607ab45a-6946"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 26950
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 britantsi-vikhodyat-z-lokdaunu-postupovo-bulkami20210416_3372.jpg
rivnepost.rv.ua/img/200/ 21 KB
22 KB 77ms
71ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/200/britantsi-vikhodyat-z-lokdaunu-postupovo-bulkami20210416_3372.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

c0ba943c44e2e38b0c8b49700b8aa91390c90e43c078ebba8a014dddc80c4975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Apr 2021 07:33:40 GMT
server: nginx
etag: "60793dd4-55d7"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21975
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 informers2.css
sinst.fwdcdn.com/css/ 15 KB
2 KB 22ms
7ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=2&cities=303022830&lang=ua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 07:03:52 GMT
server: nginx
etag: W/"57469fd8-3d41"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 189ms
44ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16854977&s16853377&t0&c1&n601511&w0&y0&d24&r1600
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 9dae30d4c2979ac8f151ca00c687a994817cc1077566fa210ecb0051832b2e8e

Request headers

Referer: https://rivnepost.rv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:27 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 5-sichnya-svyata-narodni-prikmeti-imeninniki-podii_20230104_5937.jpg
rivnepost.rv.ua/img/300/ 41 KB
41 KB 59ms
52ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/5-sichnya-svyata-narodni-prikmeti-imeninniki-podii_20230104_5937.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

5af877ab099676a8fc6227ef601aa902e882669a41a2fa8d4cb6eb29cd59f246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 19:29:50 GMT
server: nginx
etag: "63b5d3ae-a4f2"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42226
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 astrolohichniy-prohnoz-na-5-sichnya-2_20230102_7324.jpg
rivnepost.rv.ua/img/300/ 57 KB
57 KB 59ms
47ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/astrolohichniy-prohnoz-na-5-sichnya-2_20230102_7324.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e8fd9399a8dd6820dacc10809bd0eb4006b20ea1b39aa5ad493a516c60464287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 02 Jan 2023 18:30:42 GMT
server: nginx
etag: "63b322d2-e3bb"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 58299
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yaki-heneratori-kupiti-benzinovi-ustanovki-proti-d_20221228_4221.jpg
rivnepost.rv.ua/img/100/ 7 KB
7 KB 59ms
48ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/yaki-heneratori-kupiti-benzinovi-ustanovki-proti-d_20221228_4221.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

2491566f8e85ceaca9dbc4a9eb51e58364c383b685f15a851c12267f2991ec63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Dec 2022 16:49:09 GMT
server: nginx
etag: "63ac7385-1ba5"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7077
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yak-pravilno-dohlyadati-za-pilososom-dayson-povne-_20221226_2407.jpg
rivnepost.rv.ua/img/100/ 7 KB
7 KB 59ms
48ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/yak-pravilno-dohlyadati-za-pilososom-dayson-povne-_20221226_2407.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

f07dcd68dec7e9227b28fd2ac073c9da7561d5a249c98482f23e3f215c49948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Dec 2022 16:40:05 GMT
server: nginx
etag: "63a9ce65-1c65"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7269
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 osoblivosti-formuvannya-vartosti-kasko_20221221_9677.jpg
rivnepost.rv.ua/img/100/ 10 KB
10 KB 60ms
49ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/osoblivosti-formuvannya-vartosti-kasko_20221221_9677.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

304f26ae793fb1b1f06b2ba7f0ac10f47526d8a91714ebc8e55b4afdc784b58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Dec 2022 07:46:01 GMT
server: nginx
etag: "63a2b9b9-277c"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10108
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sposobi-ta-osoblivosti-znyattya-lyudini-z-reestrat_20221129_2844.jpg
rivnepost.rv.ua/img/100/ 7 KB
8 KB 60ms
49ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/sposobi-ta-osoblivosti-znyattya-lyudini-z-reestrat_20221129_2844.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

a5ab79f1838fd9971cd4dbc3e40c01bda11814d5f0eb5a486779e9a89409a322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 29 Nov 2022 14:41:19 GMT
server: nginx
etag: "63861a0f-1dba"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 film-yakiy-znyala-rivnyanka-pokazhut-v-ukraini-1-s_20221231_2010.jpg
rivnepost.rv.ua/img/300/ 36 KB
36 KB 60ms
50ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/film-yakiy-znyala-rivnyanka-pokazhut-v-ukraini-1-s_20221231_2010.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

c21ed7d28f1b34db5fb354e6a6cd64d28767f82f585b7ac8a7af65cd07f5e20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 31 Dec 2022 11:29:09 GMT
server: nginx
etag: "63b01d05-9032"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36914
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sohodni-nadii-kosmiadi-vipovnilos-bi-99-rokiv-vide_20221229_2006.jpg
rivnepost.rv.ua/img/100/ 7 KB
8 KB 61ms
51ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/sohodni-nadii-kosmiadi-vipovnilos-bi-99-rokiv-vide_20221229_2006.jpg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

82c16023959247300e9248d76c8531dc46569d86199ae0e55f53feea6a31f843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Dec 2022 20:28:31 GMT
server: nginx
etag: "63adf86f-1dd0"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7632
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oblasniy-teatr-lyalok-zaproshue-na-rizdvyanu-nich_20221229_9875.jpeg
rivnepost.rv.ua/img/100/ 12 KB
12 KB 66ms
56ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/100/oblasniy-teatr-lyalok-zaproshue-na-rizdvyanu-nich_20221229_9875.jpeg

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

47ff27c51800a600b8d24c225e65f0b194f4391287acea4bb79870ca8fd0129e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Dec 2022 10:57:29 GMT
server: nginx
etag: "63ad7299-2ebf"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11967
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-t2.png
sinst.fwdcdn.com/img/informers/ 1 KB
1 KB 8ms
6ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/logo-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-512"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1298
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2 200 hlc-t2.png
sinst.fwdcdn.com/img/informers/ 181 B
389 B 10ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/hlc-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Wed, 05 Nov 2014 09:28:02 GMT
server: nginx
etag: "5459eda2-b5"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 181
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2 200 term-t2.png
sinst.fwdcdn.com/img/informers/ 406 B
616 B 10ms
8ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/term-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-196"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 406
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2 200 s-informers-t2.png
sinst.fwdcdn.com/img/informers/ 33 KB
33 KB 11ms
9ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/s-informers-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-8433"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33843
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2 200 frc-t1.png
sinst.fwdcdn.com/img/informers/ 155 B
364 B 17ms
15ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-9b"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2 200 flc-t1.png
sinst.fwdcdn.com/img/informers/ 148 B
357 B 17ms
16ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-94"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 148
expires: Fri, 05 Jan 2024 06:10:27 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...

264 B
299 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A818395530986%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A639471813%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Ast%3A1672899028&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

dc085cdb760a6430d2b4d558328898ece2ebc5d1e48b90c5c97fdee42bc1d54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 05-Jan-2023 06:10:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:27 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A818395530986%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A639471813%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Ast%3A1672899028&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:27 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/45619668/
Redirect Chain

https://mc.yandex.ru/watch/45619668?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
https://mc.yandex.ru/watch/45619668/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

447 B
529 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/45619668/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1446949455564%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A256191159%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Arqnl%3A1%3Ast%3A1672899028%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

04602ee5368e5713db1db0688de69cd4f0cf9832b00a038ed6e8d1e31ee646d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 05-Jan-2023 06:10:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:27 GMT
location: /watch/45619668/1?wmode=7&page-url=https%3A%2F%2Frivnepost.rv.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1446949455564%3Ahid%3A590167335%3Az%3A0%3Ai%3A20230105061027%3Aet%3A1672899028%3Ac%3A1%3Arn%3A256191159%3Arqn%3A1%3Au%3A1672899028847563326%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A15%2C69%2C125%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899027143%3Arqnl%3A1%3Ast%3A1672899028%3At%3A%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 45ms
43ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1691984888&t=pageview&_s=1&dl=https%3A%2F%2Frivnepost.rv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2021077598&gjid=1667809791&cid=555107083.1672899028&tid=UA-15709504-1&_gid=960842627.1672899028&_r=1&_slc=1&z=51841468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivnepost.rv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15709504-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MG68X6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35bb9c8d06e05ee24934e2baa021a18c2451da7ae39fe8b622066dac9db376cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:27 GMT

GET
H2 200 b58_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 162ms
39ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b58_top.gif
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 80f51247135179b0d18e32d4ea0289bf083da9fe6618a9ffbe5dd3278e224cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Sun, 08 Jan 2023 06:10:27 GMT

GET
H2 200 b58_center.gif
i.bigmir.net/cnt/samples/diagonal/ 79 B
250 B 162ms
39ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b58_center.gif
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 929a54c6d4cfc5161225586076c54de978025c9218a466e45e2431a9947e16b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 79
expires: Sun, 08 Jan 2023 06:10:27 GMT

GET
H2 200 b58_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 163ms
40ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b58_bottom.gif
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: bb2d2f0c1d273a3b019680b2b6ad6f933cd26b57742cbd970f11c1b4866490bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Sun, 08 Jan 2023 06:10:27 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
185 B 51ms
48ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 05 Jan 2023 07:10:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 31ms
13ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2b608f6ada3b15d3a74c0040c435d748aa3ed724336938a8cba44e7c76983b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:27 GMT
content-md5: LLLwBAfEUNjTv61Q2sWAYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: 1UVZUlXrut49JL4+6e2IEJ2JMQzPbvNwkK/GxFWZLlsAqzYCiSV/2PrHhjdLSqiPQFmGrzL/XAzJzMnuKhJoeg==
x-fb-trip-id: 917726464
x-fb-content-md5: 1ea127a2423d6ba96196e16de51b50f7
cross-origin-opener-policy: same-origin-allow-popups
etag: "21b70817ddfa11bea521b782c7c84e32"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 06:22:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 06:10:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: He5dBjqyGNqRj9pnOUdTybZYRY4MV5UBNDHkHCMi9Gk/9B37iwwji/j/WAZHnBXumXUrbar8YqSVMWMOFRMp0g==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1691984888&t=pageview&_s=1&dl=https%3A%2F%2Frivnepost.rv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A0%D1%96%D0%B2%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%96%20%E2%80%94%20%D0%A0%D1%96%D0%B2%D0%BD%D0%B5%20%D0%92%D0%B5%D1%87%D1%96%D1%80%D0%BD%D1%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1002187527&gjid=47737353&cid=555107083.1672899028&tid=UA-15709504-1&_gid=960842627.1672899028&_r=1&gtm=2oubu0&z=855509699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivnepost.rv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 73ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=2021077598&gjid=1667809791&_gid=960842627.1672899028&_u=IEBAAEAAAAAAACAAI~&z=232853806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivnepost.rv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 205ms
109ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2108338005955045&plah=rivnepost.rv.ua&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2108338005955045

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f810bc2b76a03a217922206f2ffc0b52a7a6b00ebcd0827edab3b49739c901a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119979
x-xss-protection: 0
server: cafe
etag: 5858524283915793646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame EAA2 10 KB
5 KB 116ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2108338005955045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:04:43 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:04:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=1002187527&gjid=47737353&_gid=960842627.1672899028&_u=aEDAAUABAAAAACAAI~&z=879320346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rivnepost.rv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rivnepost.rv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9874.Qu_hD40KQqHJIswTmU-WNt5T2vsO3B_x9qlI8dAf3WvhLsJRJam49rzZXklcAiBb.GU55Q9U8G0-M8D-kQwAgHJJjJoQ%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9874.GA3xtXp5PQ6gvGy9WNDHQU7imHvW25QXZSwxDvlZ9uPtqQyQIkpMip8-_bRQFPrkCBThL7efF1Hb9qrf5yNSrrMAapwOL69ebxbt-fuQmXX4J0Qnmlm7qLtxJdbTOeHwQ9f3sbS1v...

43 B
506 B

57ms
57ms

Image
image/gif

149.5.244.20
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9874.GA3xtXp5PQ6gvGy9WNDHQU7imHvW25QXZSwxDvlZ9uPtqQyQIkpMip8-_bRQFPrkCBThL7efF1Hb9qrf5yNSrrMAapwOL69ebxbt-fuQmXX4J0Qnmlm7qLtxJdbTOeHwQ9f3sbS1vuWB9OS21K9sqyXQFPkYyeYo6L9Wdxe6EE8MHPITZ2MKfVM_daasKsChy9epDwjPrVR-IclEqUMpNealLUeUdmeiOtdop9hKY7U%2C.GaZIKshhYKF4If1mOF6arJ9S3Hk%2C

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Server

149.5.244.20 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9874.GA3xtXp5PQ6gvGy9WNDHQU7imHvW25QXZSwxDvlZ9uPtqQyQIkpMip8-_bRQFPrkCBThL7efF1Hb9qrf5yNSrrMAapwOL69ebxbt-fuQmXX4J0Qnmlm7qLtxJdbTOeHwQ9f3sbS1vuWB9OS21K9sqyXQFPkYyeYo6L9Wdxe6EE8MHPITZ2MKfVM_daasKsChy9epDwjPrVR-IclEqUMpNealLUeUdmeiOtdop9hKY7U%2C.GaZIKshhYKF4If1mOF6arJ9S3Hk%2C
date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
87 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=8951e5265451f4a6262f54b897d25a4a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1205c7aedb7c75b00c82d65926f4c5220d437e4970b9e4a5a395456cedc441d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rivnepost.rv.ua/
Origin: https://rivnepost.rv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:27 GMT
content-md5: 5kuLKarDlE+D3fGH2Td2wQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88574
x-fb-rlafr: 0
x-fb-debug: L+ZZgk4htMrVqX9qsrKPKYgF4AYmnNxGQGHec6iv48H8ZV8taVsywnek/m73lIdqzMpr2wx8QT+83PSLcDE1BA==
x-fb-content-md5: e5eb0522297e5631d877708b03bf7465
cross-origin-opener-policy: same-origin-allow-popups
etag: "ee80d656e28c94f6d8ed397f1eabe739"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 05:42:23 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 128ms
47ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=2021077598&_u=IEBAAEAAAAAAACAAI~&z=213455300

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 189ms
72ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=2021077598&_u=IEBAAEAAAAAAACAAI~&z=213455300

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2280875695319734 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2280875695319734?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c4cd9b147000e4bb98618a2ee62a028f96dc6b6aa16bd66c115fe318f7556ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 06:10:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85863
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rKBWvZxsTiNlLGV1fvzEaFBkByhXDi60FCiBx5NoxyQ28MvGUhZQwO96P69zg8y19JhKAK7DorfmXtVcM1CSYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 120ms
48ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=1002187527&_u=aEDAAUABAAAAACAAI~&z=174741370

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 179ms
71ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15709504-1&cid=555107083.1672899028&jid=1002187527&_u=aEDAAUABAAAAACAAI~&z=174741370

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2280875695319734&ev=PageView&dl=https%3A%2F%2Frivnepost.rv.ua%2F&rl=&if=false&ts=1672899027955&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672899027953.1406215489&it=1672899027900&coo=false&rqm=GET

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 06:10:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2280875695319734&ev=ViewContent&dl=https%3A%2F%2Frivnepost.rv.ua%2F&rl=&if=false&ts=1672899027956&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.2.1672899027953.1406215489&it=1672899027900&coo=false&rqm=GET

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 06:10:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2280875695319734&ev=Search&dl=https%3A%2F%2Frivnepost.rv.ua%2F&rl=&if=false&ts=1672899027957&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.2.1672899027953.1406215489&it=1672899027900&coo=false&rqm=GET

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 06:10:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
701 B 133ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rivnepost.rv.ua&callback=_gfp_s_&client=ca-pub-2108338005955045&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2108338005955045&plah=rivnepost.rv.ua&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feb8edc152f26eace677b0c96d51de5dce2b65fa49e816f7a26e7f503181d971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rivnepost.rv.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 123ms
44ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rivnepost.rv.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C46 452 KB
72 KB 614ms
534ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&adk=1812271804&adf=3025194257&lmt=1672899028&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Frivnepost.rv.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027841&bpp=11&bdt=486&idt=334&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5417183431727&frm=20&pv=2&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a379010b82284444f5420cb52b31a8a14859aea6af2d5c75a958d2e6f82e3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 73921
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:28 GMT
expires: Thu, 05 Jan 2023 06:10:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76A1 23 KB
10 KB 509ms
437ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=280&adk=3105171064&adf=270333701&pi=t.aa~a.3789576887~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1672899028&rafmt=1&to=qs&pwprc=1092727598&format=1000x280&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027852&bpp=3&bdt=497&idt=353&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddrACp4p4u&p=https%3A//rivnepost.rv.ua&dtd=356

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52dd555cf84cace5c4f8cec4c08b5081861417a3458955e609e4ac945f7eeb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:28 GMT
expires: Thu, 05 Jan 2023 06:10:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0485 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://rivnepost.rv.ua
Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://rivnepost.rv.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:28 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 76A1 3 KB
1 KB 170ms
52ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=280&adk=3105171064&adf=270333701&pi=t.aa~a.3789576887~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1672899028&rafmt=1&to=qs&pwprc=1092727598&format=1000x280&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027852&bpp=3&bdt=497&idt=353&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddrACp4p4u&p=https%3A//rivnepost.rv.ua&dtd=356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 76A1 18 KB
8 KB 165ms
47ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76A1 154 KB
48 KB 134ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76A1 0
0 135ms
134ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcWsO1Gm2Y-DLEoLF7_UP2auCuA3JntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTgAU_QdoBGLMSqZYA9cxKG2bya11O1idQf8bO7vwpms3l9ZMql_XjodY-xPuF0jflACcBcmI5b0gqGqxQQ531NAXXpQp7ZkC8vfb4_S8BdCORW5C0I5c26J3YRPjuDqPP7J22pokgcL2emKaqu4APQKmZhx2eDycgZebeMa3cktLRfUOQMdoyWZnQEzaAc5lXbP0rIz3ACt5u6BAJ58OvMeeLfZ5jLdoJj6QHKGlvl2RRBR2PqMqPZqs_79hq1pDBAbSNkjCZgcw6c_2UzSC-7DGtZIZn3v_tQlv6EFmYutKlbgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTA4MzM4MDA1OTU1MDQ1GAA&sigh=VXCjHZbBZVQ&uach_m=[UACH]&cid=CAQSGwDq26N9xl8YQIy9BYTnduWzya4GfJW-bmxNABgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=280&adk=3105171064&adf=270333701&pi=t.aa~a.3789576887~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1672899028&rafmt=1&to=qs&pwprc=1092727598&format=1000x280&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027852&bpp=3&bdt=497&idt=353&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddrACp4p4u&p=https%3A//rivnepost.rv.ua&dtd=356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 76A1 0
0 57ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kaW_EMz6ROgHmAKdg2ICAgAAADBumPzxU7dccNRnexDUabZj8gBoC4YuQu83ofIAEgAA&wp=Y7Zp1AAEpeAIu-KCAACV2Slqeu7Rpyo-YRPVxQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 161021
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FEF2 145 KB
49 KB 133ms
93ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAEpeAIu-KCAACV2Slqeu7Rpyo-YRPVxQ&u=%7CxJlgnc66FlmITDP58d%2FjkJVBDJIl12i7Oxs56joKc3s%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcz9--kQqKO-RFHDoku9qmqKQqEP_d1As5CtMTN0vPYZlXEE2mjHDFqNSCBr7XSW09lfDrWYH2mpa9e71_fmgarao6OYYsNHWUVr0c5I7O5Xn9fc7f1qUKP_GmcwEZEjMacVsBzAy6Keqzq6Mu8PA_NxCZcs7msPnnihrUmBqkZdzIRHpDCMtPHqkKX_RhQGeNkcMOXEYoexp_d5QwoYdSonqcfLOCjpuUcBdW_UBYyI7rARwfaEQYXGe4Hd2mgL7akBRmr-VXgAEZSPy0khJYZtYJHSTs0xyFn109YBotD_SW_lJozMws5iUNttIvvQ8uAHkw-fP2c60jYcpNkBgVVkzH9dOACdrCezwlpSL4O2Uq8waZe64K5zAnL1TBj_tTa0_POrkqA05YjUEM-72IbOSAf9nZ50FL4Bmg1fwaU8MV4K3TRtbJWIxyuXLs4AaZuH9e610XntlaHAV9iy28XZpOsIM6lUKEeCpdpufoRpWDa6jIeQRHxDDTfMYmtEEF5b-Z9sXDewRg1eBdYuNaAKS-NJHvMHp0yTI2pmWjGjT4krzRNYwWDTdDRvPrk2nA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLA7j1Gm2Y-DLEoLF7_UP2auCuA3JntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTjAU_QdoBGLMSqZYA9cxKG2bya11O1idQf8bO7vwpms3l9ZMql_XjodY-xPuF0jflACcBcmI5b0gqGqxQQ531NAXXpQp7ZkC8vfb4_S8BdCORW5C0I5c26J3YRPjuDqPP7J22pokgcL2emKaqu4APQKmZhx2eDycgZebeMa3cktLRfUOQMdoyWZnQEzaAc5lXbP0rIz3ACt5u6BAJ58OvMeeLfZ5jLdoJj6QHKGlvl2RRBR2PqMqPZqs_79li3haLH4r93M7p00N6hWZ06XCUNBkVBoy0_gl2iKeCoDuOEMLrkcP9GgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1i5HdYSstE39FPuXQCu9SIZMZ2Lg%26client%3Dca-pub-2108338005955045%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d005405d1ca99381281cd63167602163c8763203e33036bb8c72719fa6a6598b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=g_h2OXKTvXGmOw1nU4DLzOs4ZRE5oYppjQjlQd8lOwEgneo4gjDlSS-eMSjQN1e6NsTDvQaaCrW0Upk8Nw8iqrl_KLMQzStP6TUNaZ98yQHEfFmXFyFhI9e84y-Dbot53WRieabW-7Pz4-NH2AOW1oIvRNLlA2ge-GaNvDIDyKP7DF1Rg0qrTOiha0gMWE7Jut5c3fnhGxS1WCEo_FzdyLqb9D0XBwaXSGXrHk_mElS_p2meYaMphdbC3xmsG6tivlqOLw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 78665082
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 98ms
97ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7adcbcaf3158270b4dc2354bb397adc044a5fa7b60d45f5a7d53cef8f0fc0bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 14965383714877584202
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FEF2 2 KB
1 KB 48ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAEpeAIu-KCAACV2Slqeu7Rpyo-YRPVxQ&u=%7CxJlgnc66FlmITDP58d%2FjkJVBDJIl12i7Oxs56joKc3s%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcz9--kQqKO-RFHDoku9qmqKQqEP_d1As5CtMTN0vPYZlXEE2mjHDFqNSCBr7XSW09lfDrWYH2mpa9e71_fmgarao6OYYsNHWUVr0c5I7O5Xn9fc7f1qUKP_GmcwEZEjMacVsBzAy6Keqzq6Mu8PA_NxCZcs7msPnnihrUmBqkZdzIRHpDCMtPHqkKX_RhQGeNkcMOXEYoexp_d5QwoYdSonqcfLOCjpuUcBdW_UBYyI7rARwfaEQYXGe4Hd2mgL7akBRmr-VXgAEZSPy0khJYZtYJHSTs0xyFn109YBotD_SW_lJozMws5iUNttIvvQ8uAHkw-fP2c60jYcpNkBgVVkzH9dOACdrCezwlpSL4O2Uq8waZe64K5zAnL1TBj_tTa0_POrkqA05YjUEM-72IbOSAf9nZ50FL4Bmg1fwaU8MV4K3TRtbJWIxyuXLs4AaZuH9e610XntlaHAV9iy28XZpOsIM6lUKEeCpdpufoRpWDa6jIeQRHxDDTfMYmtEEF5b-Z9sXDewRg1eBdYuNaAKS-NJHvMHp0yTI2pmWjGjT4krzRNYwWDTdDRvPrk2nA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLA7j1Gm2Y-DLEoLF7_UP2auCuA3JntKxXL3plfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTjAU_QdoBGLMSqZYA9cxKG2bya11O1idQf8bO7vwpms3l9ZMql_XjodY-xPuF0jflACcBcmI5b0gqGqxQQ531NAXXpQp7ZkC8vfb4_S8BdCORW5C0I5c26J3YRPjuDqPP7J22pokgcL2emKaqu4APQKmZhx2eDycgZebeMa3cktLRfUOQMdoyWZnQEzaAc5lXbP0rIz3ACt5u6BAJ58OvMeeLfZ5jLdoJj6QHKGlvl2RRBR2PqMqPZqs_79li3haLH4r93M7p00N6hWZ06XCUNBkVBoy0_gl2iKeCoDuOEMLrkcP9GgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1i5HdYSstE39FPuXQCu9SIZMZ2Lg%26client%3Dca-pub-2108338005955045%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FEF2 2 KB
1 KB 52ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FEF2 308 B
636 B 29ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Dec 2023 06:10:28 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FEF2 293 B
621 B 31ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Dec 2023 06:10:28 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FEF2 43 B
348 B 185ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hFgdWFpK7UNOzZVT8RZfYtdX4rDdZEUXnsLMsqZyNgwdu9Etxsok5mFjDU1k4Oansc2lKYOiHhIvHAZbcjzWsffeVfdmkEey31cRLDKYaXZBuRPvKFi2QiDVeytwDcAcbxLcS8tLL1ex2QiPlAU04slOcuZqQMIPDztd_Py6irVGJKD3zjXy_u1jcRwweGwcA2RJT7m-NoHREoo_7UhqKc2AE7050a5u0625yzIrHyp8LyGo2TBACpx1KN-pWcqAz7rCgt1NpDB7WWCWUggOa3V4SITfB1us7TNjpGCacrBihE-3qTAQenWBSZPTVFHtNn_ZHu4zJ8nng-295Tnu7yg24BLLboE6v1d1Yre-pnie0pr6qg8h8V4BzKHwajkTosmGuRhSdXyuvZAkO1DRpevXpZzMr2MdXrpnLKIdR3IjxhHu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2722268
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
54ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rivnepost.rv.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
54ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rivnepost.rv.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D7E 22 KB
11 KB 327ms
326ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55a874f4baf0f4e4d42a095ec314965dbc75f832bda691c31c83c2a376655d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10920
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8CD 31 KB
12 KB 330ms
329ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3af7220a05866810d3c0d4482b448c3eb82a82ed52247fe80d67786e861231c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08AA 32 KB
13 KB 359ms
358ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b29ae20b6b6ae9c822246625f02fea191cb1288d9c0c178d81371f0e28758fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 13108
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 057B 32 KB
13 KB 339ms
339ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8974e42725802f64eedeac98d71ce2f655a3aee9bd7d7de5ee4a3d76f0739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12803
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F1B 31 KB
12 KB 339ms
338ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbd371717439186ec896c893c81df923c15f0f405e0dfc9b8edafa8d9fe3a474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12483
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FEF2 12 KB
5 KB 64ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 101177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXIFzPbTg7Of6wr6Lb3%2FqHRR58UrR56nFz3O8tMdq8%2BZrRPNw7xNRkdRPdpKI3iYAbLj5DLFvwflRM%2Bd%2BRV2YG2xplVTh2wpxFzlROX3n8MM%2FSF9YVMHJQGPzgY0GScud2UOAzfP2Zt%2F3bcAUyizteN2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784a0d13dc112c42-FRA
expires: Tue, 26 Dec 2023 06:10:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FEF2 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame FEF2 38 KB
38 KB 90ms
36ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame FEF2 46 KB
46 KB 90ms
36ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FEF2 61 KB
62 KB 89ms
34ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F9a98aa01b7a0456da39698b324c26949_stardardcon.png&v=3&w=462&s=L0VSZEBfVH2AtHZMpXpGxBmx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6a161252cbf7e20e725cd847ffb35f79c2bcaec7784b7614dd832a3cac9e88e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30322123
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 62775
expires: Fri, 22 Dec 2023 04:59:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FEF2 107 KB
108 KB 107ms
52ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=dfmKjUAEI6KYVdA_G-qXdkId

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29908335
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Sun, 17 Dec 2023 10:02:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FEF2 26 KB
27 KB 79ms
25ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20149819-oQui54vN.jpg&v=3&w=800&s=3yjVu3GLh-z1OSrc5LrTqrqt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

be3f5035c6ea44640ca2f468d2de829b77c3d9dd500d525afc965d7ceafef06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27004
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FEF2 5 KB
5 KB 71ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19252126-t0lkIdVK.jpg&v=3&w=800&s=_syQZWHuzKb2uXX8AteXpJY2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

097eec66d546bfc13230a83fa1251571613e451c2cc815b413eae87c7f4751c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=463145
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5314
expires: Tue, 10 Jan 2023 14:49:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FEF2 31 KB
31 KB 111ms
57ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18263402-96fKFitm.jpg&v=3&w=800&s=iHbT2dVjhQAqkcfTneHjZU5p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

697d124621fb37d791fa207b681fe129205407cb9fd9a0a9f14fae692264289b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=542794
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31490
expires: Wed, 11 Jan 2023 12:57:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FEF2 0
128 B 69ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=g_h2OXKTvXGmOw1nU4DLzOs4ZRE5oYppjQjlQd8lOwEgneo4gjDlSS-eMSjQN1e6NsTDvQaaCrW0Upk8Nw8iqrl_KLMQzStP6TUNaZ98yQHEfFmXFyFhI9e84y-Dbot53WRieabW-7Pz4-NH2AOW1oIvRNLlA2ge-GaNvDIDyKP7DF1Rg0qrTOiha0gMWE7Jut5c3fnhGxS1WCEo_FzdyLqb9D0XBwaXSGXrHk_mElS_p2meYaMphdbC3xmsG6tivlqOLw&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FEF2 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FEF2 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
DATA 200
OK truncated
/ Frame 76A1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4460c06564fe0bdfb43118add8d1828009029cabce82a14351135dd490e042

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 8DBA 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:10:58 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame AA45 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:10:58 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame C556 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:10:58 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 025E 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:10:58 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8DBA 4 KB
709 B 137ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:33:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8DBA 205 B
295 B 152ms
71ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:26:59 GMT
x-content-type-options: nosniff
age: 35010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 20:26:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8DBA 604 B
918 B 128ms
48ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:06:57 GMT
x-content-type-options: nosniff
age: 3812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 05:06:57 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame 8DBA 19 KB
8 KB 157ms
59ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8195
x-xss-protection: 0
server: cafe
etag: 298254208257092395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame AA45 9 KB
5 KB 112ms
36ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H2 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame AA45 10 KB
4 KB 113ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA45 8 KB
1 KB 128ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:41:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AA45 2 KB
765 B 234ms
142ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame AA45 24 KB
9 KB 143ms
51ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AA45 3 KB
1 KB 232ms
141ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame AA45 18 KB
7 KB 141ms
49ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA45 154 KB
47 KB 131ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame AA45 34 KB
14 KB 145ms
72ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H2 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame C556 9 KB
4 KB 111ms
41ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H2 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame C556 10 KB
4 KB 113ms
44ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C556 8 KB
968 B 130ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 05:23:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C556 2 KB
765 B 229ms
143ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame C556 24 KB
9 KB 183ms
97ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C556 3 KB
1 KB 229ms
143ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C556 18 KB
7 KB 194ms
108ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C556 154 KB
47 KB 149ms
81ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H2 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame C556 34 KB
14 KB 145ms
79ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:37:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 025E 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUu2u1Gm2Y_rZEteJ9u8P9syhgAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTfAU_Q5nKJzBN9ct01mvGhVrAQzLCu2UWYqM710cHA4-MWKF7wd9wtqKBVTBFz6nVm7MfDT2wEHzbsycHQiTE0Vblm_XpgQwfUH4DKa92ESrEaD5l6rMtpEl9FIVeryih5DE8AwNMI_BnUdjgCs1SAXEEKsyFbgF0MSCKcJ2G5kfo8fAqTGFAlwhFCRaFWDn82aelEwedzpr6B7i-r7C3Qvuu6adKuH3KK91YDHEGJPR-_B_QyBq9jB-T2v8u5ymw26m0Uk2vpi59JmPf_3LT-hefbq20jPErkIXwIcHUKpDuABpL3rPf7vsa7K6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEwODMzODAwNTk1NTA0NRgA&sigh=Sal4xQ5act4&uach_m=[UACH]&cid=CAQSGwDq26N9oVrBEyxfrN-lHCpFVkTMSLCZatOWlRgBIBM

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 025E 0
0 47ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kfDhCcz6RO0HfJ2DYgICAAAAMG6Y_PFTt1xw1Gd7ENNptmMLEuMzHfVKQTBFAQASAAA&wp=Y7Zp1AAErPoH_YTXAAhmdhnEVO2qTCwjdZiYuQ

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 330348
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CC4E 119 KB
42 KB 88ms
86ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAErPoH_YTXAAhmdhnEVO2qTCwjdZiYuQ&u=%7CxJlgnc66FllxtJgHmI1qvCRkrG09CcGjMl6rhSgeQfo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nFVMkjE1LG0HMjA84DW7_enpHd3FRTADViZurdkCAU2MvQtl6MIvzBzFzk5DBAvVQjI28njr5_KILDWZl1S7ySARn4aAXMRrfIiYRFPeygEpdMDevtoKaljofiCU3mjvA-ExXfewkAtxxKJt4_iUvJHXISsLzH7NEaWJQyiZUvuTqWYhSMFBhW2MfX_T0P6PMrkJqpiYKqFxBVAb6fWPuSWp2j7hcf01gKr3ebDNdG8XZRaAYwinfNP2B5S2v1vgfYg_5kM4G6BdHN4ubpF4IotUrxVJi4mtThh00svcvYjyJFgdLFM0JomUgKvDvyZDt_PevpBU8QH5_IQ9RKYYOdJI1tssa4BgHz0tmhzSRcz-oe7b18sIW_Cm9nFYSsuQgOGrLd8enum26eeoH4E6VAJUkkx2UoRKqC5fCvV3WNafTEeB7Q3P-UVrKSJr1uqgjZfo2Ep4GESRnI3IM8fU3SXLAmeNDG7iCyPdKzjYFEGzMSreHdAzQvHuldUZ0LgRLOXkW-6EBn97ejkUOhiSwIxn0VEnFIh80CmFH4fBl9tR8prt2MbKMHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRilh1Gm2Y_rZEteJ9u8P9syhgAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTiAU_Q5nKJzBN9ct01mvGhVrAQzLCu2UWYqM710cHA4-MWKF7wd9wtqKBVTBFz6nVm7MfDT2wEHzbsycHQiTE0Vblm_XpgQwfUH4DKa92ESrEaD5l6rMtpEl9FIVeryih5DE8AwNMI_BnUdjgCs1SAXEEKsyFbgF0MSCKcJ2G5kfo8fAqTGFAlwhFCRaFWDn82aelEwedzpr6B7i-r7C3Qvuu6adKuH3KK91YDHEGJPR-_B_QyBq9jB-T2_cmYWOu5dn6rD39KW6LvYP7r1gL0q_9ZH6UemrhbP1AQ9d-Ot4Riyp6ABpL3rPf7vsa7K6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2noS6eQ9N_YmE30s8NxY-IbGA3MA%26client%3Dca-pub-2108338005955045%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c74cd14583c6030d1e0889fc87f72761b07ac039190cf9925ac1e637490971fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=itgFBnKTvXGmOw1nMjVZB1ASb_kdsfn90pLBDjjfPEVy2V2JwlZlDLLC_2eqQoUks5SoVThN6ZwNJefPR7TLIZ8bLz0Sn352jsO2zcr8ILr7uImBQdmFsNIwYMqgaj_mr368UrwpKO6gI9p8Hf6p9uQqQuXOXYdOgfzoNI6gZunWrYRDSRN9yKDM_m1O3nd31LM7qzew_uaexPyBmdAviact03FPokJyQ-XmA3DwDxzmBh61JJ-gJT7JiP2WPpPPvqU-_w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 72288872
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 025E 3 KB
1 KB 224ms
145ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 025E 18 KB
7 KB 146ms
68ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 025E 154 KB
47 KB 155ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C6B3 624 B
242 B 51ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW_qINExxlb5BnfUFXzBJcK6VIYoLy7t5SecBGaqqplaEaLRLWBswpo-0vRCYYic88KOFslpm6RpD6ymvMGCYkPMHR0Fhsp706B69F19Av7iaP7euVkQQQhgzZomAh7KVFjDV83l9R8l8-tjPVcyQgaSWqxQQKKHia-R-TmsQAeaxnlInw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5D56 88 KB
36 KB 101ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2JtH_80WFgpHog2NVJw3UIVlfT4YXfUY_OUQL5x0rBFAfO2sZ1g-2cn6MDMVQC19ApvH_p4WdBc8UONGV2HwN-SP2oDrOtd31v2D521JwqL7nSClWY01h0ARN_GQGiy72gTnkBVqbI1ja-EGHNk8gi5kcP6vPBpMOz31vX8z7NGqFer4&dbm_d=AKAmf-D0uQsTknuxwztnYAT1p9rByhrVKEpJnab1oLL4gUI7mW8xgwLILo_OpoMdG0JQD284ikF05OlDCP-fOYCbh_WbmKsU8qHUvglQkNHPwM4iXIYjVioVnogx2pmdoXkAyv2iJT-SGLMtEBEpvkReDYVPMgoawJCAnr5KDOG9l99qYL3UGVqoJ6DJgWlG5YyjkHqDYt_0-u8QYlQcs679URd9CmAGWlQIIfL5G5OAEY5BdN1y0LMPqZpnXOwKr3OMIvE_K1aiU1nkTpNRIAP0DAa-kKwZt8BY1a03Tgw2wYNnKZPTycWe6PnHNIrs6f_TwVdQC8wud-QHgamYF4Ro5bkbInX4TEf50y1PPPmkwHsrGUHUxowS5nu_v8m3DxHO9gVIQrHA4GdAHjCgYnlaaezIeOmYXyzDZy8M-FfI-vaMZKlh5qLHpAnsXt-JVswBFRyXTHQsnwFHMU58GoQ9O0zXWuuObpyqnJz_i-qan7a50GV2dGDf0tyUai4LC36RMM2f6i4wRZNTl_Rs8OosVOpKbyrLgGAmK55WSrdyDn1OeakGJwDZ6T4U_D2tnBcrXKRph0cIbmWb77-eIobRp9Xtb99h7pOvJxppFxhjhftCisj1rXaPm9rvXY0faRNEk3qqIiOft8S239hNUUw6gN-tmyroOub8ubFMAHJS_A3WeHsdnEkwR7N3yeSYW8z56qWaw--1D-7ZhwDJixl-slDl_g97ojHgkrv8RIenRB3-Fu9oN8aN1qeKlY_L4r7JLY644rAnU_DTIR1LF3UsDSPQDMk5COgDF70iUKEO-vGJOB4TV-GLnUwiv5qpu3k6LH8AwjQL6JVmXyJKOFaMpxJOi0vlo8egkAlrCJdhQ6GR8ujlUfwuLb7evpMtM-ffSMtJz6tDIFHnzmX_JQQkCqJn_1c_vGn1V3tsnoBDYE-55IwMvaujLIs0aZN5TzJm3prFTBn8IuSLx0i9hP6SSxbSxQHwi08ZI2jXg1VxvtvjqD4LZsM714p2vhptKqIxdOSuImQXWgXLXdheiGCjZr9r_au62_exVDIJiH77C_aQDSN8NOAAr6Jl_1A8xIiDleHZ3S9sNnezMZ6GtYwKs0pnfMFgl1vuBBZFMi6dscJNeXa2QxPspOUpThQuXMj1bnKxPxNfiJRRaC5LPYlzLijyQwMmN2HKPggNMXX4XrftBN1b_g2qyOBBZHUqrWGGTlEHi1lPAICzWQCy6LchXNZljBcJYfHMwX_pYBEpk7cym2pQPYecVu-C6sEVwDp40ITzMqCdw3ZkwLXw6tvemVZG4eTmW9b73BVxP8LX7ySa8O0XUUA8aTL24U20HjEoFeEh_vFWBAOFW0rKurhaqNhxcuX8RHVPsmFDdPablAYecy3V2KqSpbQE7c5iKwpzrxmHh9y5gLNpSXL8DNPcwGF7FGcHVrICcvh6HS8pl1VyWIIKaX03W9WAuG2djBh2pcy-WHZgztxgFhkuHOWZm4fFUryFBZDcGjeQIxd7HWOyF3HLERiWuzdHbdvJ83rfpIbFhk6HzoZEX6KjtmpFiFU_eEKuIqt9hZ5MlmZ0uJRy0-pjiwM4NrZYhKq8hVhbQYv0Rba8VbMBasl-Aqe4kSljC-3jUiH_oKN1VUbso52Mx2frUsH-anNzIagpEX27osIeWGzvPUuTBkkQLGqHVBkXukyU1Hi3J6yR8TCoP7WLPfMFHsRiCWyt2PRuSevHmlqLFo1Pj0QEj5unR8YDlPm85rc9X3w1QgR4D75cvp9rm27QBWxTO1KE8XBTDl3qWJUN6oLC66TL5sVkwlNS49Yr0FUVxujh2ZHaTLWsJqlfb3omAm7cEJmrBq01QHNqzBDaqk3s9MliLXwFyvzvYrADpdCTPIkMxuCjJKHSb9LSCuIQ8cJSz80dkSZo58Uhh56IGBuQwmZZezLbBbLiMTYdndkL4M56zRa1sQQ6qVx7j9bomENmpt1Z2urR_O5d4EDQjj9med162IAxF7hkrSHZpmJAm1l7BA8bmNkjMkKZQgRgS6vs0k4gsofG69Zo43ZnqoCzNNkPaUDP34uwPqX42ue1OD3GeS_Sy78J5fTyPRAjL1fkx2kSJzumqMSZc9oHCbhzKX_45gN4bys3JTbBRCaDnaLhbdZF-frJZAwA8uDFUh04iEMEbx85dVzXWXM_WXgksXFbmGVbIviUySg9oiV2WWHnHYG2Ej419eJOh-EXBVELjwO6mc7NUO5IjWsvlX1hwEJy3FtfhUdyZhDP2BqPTXIGxvqij4Pr9xSnM76mgiVkMxOsIsA_F4bO6Ew_7isDpPF6YaHQ8D5CdyUOy-C6ABBS9fP0iOaiogBh4jWFsGN0nHbLjkfMuinhEEwp5Ykiv13vQigp_t9Bfc3xvvfohZ4nkRXL_2i5u9jw0tLtcdscs66KhZ2uqUL_Sx5aiUiqeJ00p7c2S33xo812HD2AWNieM-_Uh9JZBMjjc3KCRslhQ1zJ7dVrFIyfHocloCKW4qng5v3HLnGBRihYBPknb4H3Q6kOXd0OkglNyW1gYBZhXZaWpI6T5WHZDbgaFsKoeUMqMAhx86OjI2_T7OIEO_KOLYMOVqBSiM3uuOr_KlRZZ_N6e1Pb2nQjlys7tKpTTkH4FKsarF9dER5rhRH1wq5j6pgtOsZoJ4t4s9BqzZWpza76ZjFS1udoM-Lz97S08_iOeijQ7Bm6Gu9HYg2I0BSAM53NqZG_iOMUZnmorIHADz9mS9hdaWdStr9BFNWfp0-EJgMyXTHFwxk-kw7hFU4bRe3K-iJ0wlYIcRDUuj4rj8Sp5TZde2hjJTeKP6G9_90wuyUHhHfer-O_KClJ2tBpHZJ6FTTgIyt_bndVCbJUMA14sIGR0HRS2lQFc4zBuvUcQL8jrZ2Zz4n-KTZoKksQPxnYhGyd4v1fcS1kX7Fj_QddHMsIRiYLdaFmiVyZPgUdAgywEerWxkcfVt_Gp-RFmAVFUjxKtNqFGMCRkg29tF-7YhBMDYPxD4Mg1yPOBCzJnhmxfF2SEAB8gXcflmZ5PPv6tHwWfzHDSm9M3IO3YsGr5GK1L50Agg24a71zMfaMZ22daIDCGYFSYUCy4yY7wmHvJxtBh1YzX15FOCYDh3_JB4BDzGT7NVkQp1i8ent0E2QpGqmpA5XLJqv56lmaPs4_boJKbCnYvrhv5rSv_RY1cOZJdE2gk8yv2lh6S97zm5To9Nm5yndEKAmsehoLrEJiSo7PYIXU6cGmEsNcQyIKGkw91L9BlW4yOxVMQbJK4NuW0yK8uROB8t-nFao4ZlWuW1eTLX7u6eyiE_XsZhzPRCQLeaN53V6j4oZTYJ4zc4Gy6Jrl5WtkFkHB0tGTcewI-4vNO93WhjBvz6vQdGacCtQp8vRVK5ml_ZmOgetStCQaoG2Fhas84LuYe-1G7Wy-icW6Tp6ttD24Jrn2zuXrQ7wo0qsE-3TvxnJoIf0om0I5T-45TqUWKR9G3kHw0V-SeEcVNuQvadUEWJGXBzwW49YEqicKzI_fNSpwXV_Oa4qawq-M1td8tx0DoyodzhTe3oG6bkfBlb0MckkHi2dU-XgdraL0aa04WlOwaCqC7iD7WHQD6glqfKQ-sHudxHYJ0LRhYUSRMUta8UXwTrxguY6jQYwwEtFvBMhRIiv8iP_xlJbjjzyItRjJzvRpbUmqr1ednhTXAcFAD-UNAJtw6_T3g4mZJy89S5zbm1NLeQUEfgHPTyb5rRvVuJuLZuuqE6BmqQGtDfh7g7OsYF3wh3dq5v6X46OKw61s26KbXo2F4sSaP5EvUrjY8j71KO-D7pdR9U7T6JC1EvEOWOOh0Zr1Dec3_gLNmfyiROWsoMkrogW4lKUig6pwMvz19J22GegeWuVVPQ6iKp4ScPYBR1Nfn0FNagX3MZ26PNsK08MIbUbYEPUL1hUnDPVpJ3-IVWuaFu-r39veOjZTmMXttyuSd0OvD0y4yNvWosr6pz1VGopj1FoQAPoczEc4dFza-edDqYc-pMki8UE&cid=CAQSOwDq26N9DbMQLijmtzCPojjqsPCJkePvxjvlsmvS_N-_J1VnKiGcgpf3KkpPMhG0PbZFievq-dUpHaSFGAEgEw&rfl=2%2Chttps%253A%252F%252Frivnepost.rv.ua%252F%240

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff1899505bfde6e3254743a631d1828d184b5739462be13d762820f7854e6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36464
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5D56 47 KB
13 KB 106ms
33ms Script
application/javascript 52.51.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://rivnepost.rv.ua/
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.214.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d71e7be423b0f0a4404260d596e8408ec55bfe5517ccd8a54e8c1f14ff7e1edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5D56 3 KB
1 KB 183ms
142ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 5D56 18 KB
7 KB 118ms
77ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D56 0
0 123ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTc6vgNMK3PV6hRktRxS0OaWJMp7eiVDUbXpJJ7e-cTUIMADY_ZlompFF7hB0KEavHg05qGaAgjK8CjiMbHcAj9mF-MWQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D56 154 KB
47 KB 167ms
143ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D56 42 B
63 B 80ms
79ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3jQz-bghThaTQ5gb48Fz6mqzpyDayLPnHdMpOO9mUNFxCjJNqz9jZn9NsHTB3HBGzO9BaHUH1sXfbjAufJtIweAbj5Th5ZF2SYrxhI7mqs5w7Z5o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FBA5 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cojb-1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5AFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bONDTckUme-olKPBqxlh-kAoS3mKejWkHUO95G3tuhsxGLbqDFB0OABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEwODMzODAwNTk1NTA0NRgA&sigh=Cf4MP-eUQeo&uach_m=[UACH]&cid=CAQSOwDq26N9kEnbnJMEu-JLQQjtRcKmmUhUGvzFQBrL6gq-MbWdMuOMCCE1g9tzF2mJjDzQIIIFjVgd9LFBGAEgEw

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FBA5 0
0 116ms
39ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kx3bnyrmcb8rkpkh5p39kp0vg1d1z48pxcm0r61xdwncnvt9dh5h2c5yxspmsy14mgw742xm6980rtdm1xnaqmy69phcbatv688t3ydtmrf1h7gbrzyfed92g80bs5ekn9rya0z4we6y10pcxc86gxy2svawx21d8z3kgrqd9j827kt7gn4g47nn0831n967q9gdwk7pft6mf85z0y7tznwf50jgyccxxbryyrkh0y8nx4yma1kt6edj44ncn7wy5ekfa5s22gvmpvhrcwmbarp68snd4w5t4nkjet2bygmr6gfdhtd25gmjr0gm6vqejpggqk9w2tw38hrm615dqvmx22ee1zaqftex69g1fgcvbdpyemjn73gr1fxwk03n86mjwq38a622aw6&b=Y7Zp1QAAl9QH_YjUAAZCUHw9PjvNmJS9t3t6AA
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 8827 2 KB
3 KB 58ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce469a7e35fd799dee6e08d6558d50847daa4f2367bde5d2c8927d1797538b57

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d15fa9091ff-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FBA5 3 KB
1 KB 167ms
142ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21AB 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FBA5 18 KB
7 KB 112ms
89ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBA5 0
0 105ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoAVymFgWi_XySpYIl0uiHYiNw2ZohjZw9Ku_aX7EA9MjBKxWXFlVHPZLT1hw0t8ZMBUGCTJEva3uBszmoH4QB6qomOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBA5 154 KB
47 KB 171ms
165ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 900B 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKL3I1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5AFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUj8yp3ScuFCg5YrhzMFEgMzb8iWTOP5TI5ZLcf6l3guiR2iDdXmX2ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjEwODMzODAwNTk1NTA0NRgA&sigh=jCbzTOqWsxE&uach_m=[UACH]&cid=CAQSOwDq26N9Gz-ATEJhWYxhDaKudx2Giw4Em5EsyTHnXcYDhhBlOxci2Oy7YObqNs9dqiBiUg12U0c7GS0bGAEgEw

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 900B 0
0 67ms
40ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hz2dmcvjk1wfdhvamcvzr5jryvpddyk6rsjfcvxm3pb74bgrm5setnb83r1ff9bgdhdm12v9jaftd78yr9tydqmyw52wr0yr6c186rt5rg78qbpnx20svf4rq6j5n3bqz1jyjk5b1xatg75s9p1etqye8qw42fbn6rxdtqvt0n21gvthmevnx9w0nj22bams8rf3whjezpgfwy1mgfpxe2384vxs4m3bm8641stxqhmht8awpj99935ahr7jf7tq45jfkxws19963h1njwmejfyyxt8q0knetqztm5ztksxg99q0x9crvyre9tgdd3009vq6fdnax75pev9ph6m0hjepdh1x5gk29bdvs11jbea45fhbbeww93ypm4qrwjsh98xrk59v7qbn132&b=Y7Zp1QAAxQ4H_ZK8AALzQjPMg2otSujSB7_lfw
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0EB8 2 KB
1 KB 25ms
22ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832c38fe226ee8a4bbef100d86612fa6f347d7c8b6f4d17d8636a4049105bc00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d161ab291ff-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 900B 3 KB
1 KB 119ms
115ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3CBA 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 900B 18 KB
7 KB 87ms
85ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 900B 0
0 54ms
45ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_yTR4-jxBt4c-nMfk8lDphu4wFOqlZs0Zzn-lYiOR_Fg9wec1iTE6jfOIBhzg4IJKAs6hD7IbRLoDJ3dg2BkXMt5aQA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 900B 154 KB
47 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54C0 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COaYx1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTkAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuLer-yWYGStMz3RmYOTTqYHDXLHwyO0WXoJebNMV3E4m5T9yFbRZ4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTA4MzM4MDA1OTU1MDQ1GAA&sigh=ecIe-ESYyqw&uach_m=[UACH]&cid=CAQSOwDq26N93bT6P0QSpMR2ksgS6SOFeFk6x9o46Opwh9uQ84kSc2YxrO9yFVIkh4ilwc7mhZH6pK8eUPLbGAEgEw

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 54C0 0
0 48ms
39ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kdmx1b8xrwkj60mz3bkt6f9jxvfc5gt56dt0e2qab23sbkec0rvsfj7neczccdx8jeqgywbea9qsat3wf1b61mq58w4rtp6nk2bq9tc1yjjqm1z9p35500p53cttdwape74sh93d3jg41dx7fv6ew8apf3b7pte1bkz8zk1q9992f5g8kq5ppvz5a8rqyf9fxcfde3zp80dskypm1x3shr695j07d91j0j5txaryfa1htd6z1k4521nqjc2kwh4ydznjw5cr1b66nf7pjsze7wrm1ngjnw1kv3ch65mmy61wqbb4f6azw2tcmbtnsxfkaf7w7far8pcnng9k46hnzc8astdcnzvfpyxx02jj0y81b1d3ambdx0w2sszvztm2d40ghazaz90abyy&b=Y7Zp1QAAzmgIu8DVAAow-nttybDkruGvC4CXnA
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame EEF5 2 KB
2 KB 36ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4396e9a6e18265f89c3755aeb67569f3bfd0332449dd84f21bee9e1a81a78949

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d163ad8912e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 54C0 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7D9 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 54C0 18 KB
7 KB 77ms
77ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 54C0 0
0 46ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCXcnU_IM9ifPxeJjGIB0ZIXOKXbziPkjI03T181doLI89aLsxMHchMN6pIUtJ-Qh8M_mZNwtukZuW8KcppPFEel_OXQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54C0 154 KB
47 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55EE 0
0 89ms
85ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmBIy1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTkAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQwPq5pIv0OENwNNb0LpZoAmOzpxk-pGmwFGiOd31BXHRyeeCDmXEoAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTA4MzM4MDA1OTU1MDQ1GAA&sigh=66ab8rQ3TmY&uach_m=[UACH]&cid=CAQSOwDq26N9mKir6MFaIUC6U7OBkFWoCbRo7MtAt3HvTCA7_XSwiGw51m5isfK_cajqL_bcxuyXnMRpAnBHGAEgEw&tpd=AGWhJmugh1FjeXIrcbfptD5rumM8DLxav_c4r24xocB8emvIBCv_NeK5irjMrQ8MiVn6ObGaC0KfF8WRF-YYMw7R3iSu359sOTAhm8WR2qfc5jugIwBsxExiB899muhESykUTatIxXyEkQTFoYpWmDAWrL53ibJyUJ2oAUhLeXByBJcxa1b0cY4bJG6Bees39LA4NH9CKF_3I3jG1H5ZPBOZV3QE-7968mKJ3Qol7INDt8tC4i1D-XwVq8gvPkFQf7qOeSkHFWZpPP9XKt-2aZMUMeEtbm-iDFU7ogM1F9BBVZbp3ELtvJEiFcaukGgXxwmPOCcpomE7PqvBrE4wjJr5QNk2wsRCPlLoSiDa2hxDxhz1bnVuurStG_jJ1r0fGt7Ro5JaP0RkG8107EeBk0NZjMH3HfQCMtRZLx1C2lCVDcqTannFKVwwG2932L6kYlD7ZMARIdnUnobOG4KylDQ8sCs4J2YGOkyThf_2UUWsKT5TwGXSIkgjNGolLXw0IryDkQI0dREeDegxPj2D-x7l03NmEJwvtErl6wncOZlw8_iUegXUvQvGEsPRx7TPfp1Lwd56OaAtDKM6f-AIL6d2Ij10YFRHenDh0vQLSmE5i1EFMzqIUpRytzjQEpjfw-lEJ8I66LdAGiGkiaWdvYGBrHmDXOlAbG5Dth94cVyX2IVvWCQM_jMsKOF1EqCAOC7p-qG_xqgvzkvgzj_ZGB3LPJL3zcD7dB2K-b7W4XGbGUQg1QrYNovQNZtePr5QZoHyGOfkyisXuJX-Z52bdBwJCBrPonX5EN7XlCxjlipgxrkMaygzCd_lR1XBymAEw-aIuSP-Iz7G62gJEpL61Nf9VqMS3rjhB1N12AphRQqT4jCjA_GDgUh6FHIaT6CJVRWbRBpwblFjvhchTmqHM2nzDydrzHYqyyTRcMn7LbsDVT7nQhpi78Glrpn8D9cWA8WqT8Y9ww82Dq8J8KzJbYksTX-UUFPHizG3xtGief9dNBCEKtjskLYB9KHZzt7KsV3LY-X2aH33bAZuDkX9YSkoL-JPth-fBhvv-e5tub23FxduZaMRHMmczpoNxjsHOvrPSNlEhxRzKlEWRqszcQKUgdzf5SCgEsT4bfbs5UzR

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 55EE 2 KB
2 KB 63ms
16ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdJMVlUZ3lZMlV0TjJVeVl5MDBaRGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxMDU3MDcyMDYzMzM3MTkzMy82NjIyMzI1LzQ1NjIzMDYvNC9xSWdCRFhlYVFfV3lSTXFzNnFHR2Z3WTZGX2NXNHRGNFZKRmdCOHIzcG9nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxMDU3MDcyMDYzMzM3MTkzMy9hbXMvMC83MC8yOS85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3Mjg5OTAyOS8xNjcyOTExNjI5LzQvcHViLTIxMDgzMzgwMDU5NTUwNDUv/HV377vM2iw0PbIKV8dHwgfag1b8&nodeid=3289&group=cdg&auctionid=610570720633371933&pbs_auctionid=610570720633371933&shardkey=610570720633371933&sid=4562306&cid=6622325&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 8580d274e3a5aabce80f8ef7d53e4dcf749cbe98474e8652d58413ead444682a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
x-mm-nodeid: 3289
Content-Encoding: gzip
x-mm-bid-request-time: 1672899029
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Thu, 05 Jan 2023 06:10:29 GMT
Server: MMBD/3.374.2
x-mm-latency: 1 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x99, cdg-bidder-x145
x-mm-lag: 0
Expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 55EE 3 KB
1 KB 86ms
82ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 55EE 18 KB
7 KB 69ms
66ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 55EE 0
0 47ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFvayRxWiJmQjsfjlvWqKwTG6fFEfEZhXJ5_Q5i1M3yMk3wke_YfI12olxQcal-wCheX6VV5_2zu8Rs7rYOFyK1J-wAQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55EE 154 KB
47 KB 101ms
98ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C6B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW_qINExxlb5BnfUFXzBJcK6VIYoLy7t5SecBGaqqplaEaLRLWBswpo-0vRCYYic88KOFslpm6RpD6ymvMGCYkPMHR0Fhsp706B69F19Av7iaP7euVkQQQhgzZomAh7KVFjDV83l9R8l8-tjPVcyQgaSWqxQQKKHia-R-TmsQAeaxnlInw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C6B3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1

43 B
894 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW_qINExxlb5BnfUFXzBJcK6VIYoLy7t5SecBGaqqplaEaLRLWBswpo-0vRCYYic88KOFslpm6RpD6ymvMGCYkPMHR0Fhsp706B69F19Av7iaP7euVkQQQhgzZomAh7KVFjDV83l9R8l8-tjPVcyQgaSWqxQQKKHia-R-TmsQAeaxnlInw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGjEKghpO-2oY1ka52dgASg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C6B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZSciXNX3D95929f61XY_k&google_cver=1

43 B
1 KB

57ms
46ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKZSciXNX3D95929f61XY_k&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYpMGavQEwAQ&v=APEucNW_qINExxlb5BnfUFXzBJcK6VIYoLy7t5SecBGaqqplaEaLRLWBswpo-0vRCYYic88KOFslpm6RpD6ymvMGCYkPMHR0Fhsp706B69F19Av7iaP7euVkQQQhgzZomAh7KVFjDV83l9R8l8-tjPVcyQgaSWqxQQKKHia-R-TmsQAeaxnlInw

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:29 GMT
AN-X-Request-Uuid: 91a9ae46-667e-4134-b285-56e007761266
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKZSciXNX3D95929f61XY_k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6B3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D

170 B
188 B

64ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 17a31d6c-a5fd-44a2-94fb-62d594fda7ac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CC4E 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7Zp1AAErPoH_YTXAAhmdhnEVO2qTCwjdZiYuQ&u=%7CxJlgnc66FllxtJgHmI1qvCRkrG09CcGjMl6rhSgeQfo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nFVMkjE1LG0HMjA84DW7_enpHd3FRTADViZurdkCAU2MvQtl6MIvzBzFzk5DBAvVQjI28njr5_KILDWZl1S7ySARn4aAXMRrfIiYRFPeygEpdMDevtoKaljofiCU3mjvA-ExXfewkAtxxKJt4_iUvJHXISsLzH7NEaWJQyiZUvuTqWYhSMFBhW2MfX_T0P6PMrkJqpiYKqFxBVAb6fWPuSWp2j7hcf01gKr3ebDNdG8XZRaAYwinfNP2B5S2v1vgfYg_5kM4G6BdHN4ubpF4IotUrxVJi4mtThh00svcvYjyJFgdLFM0JomUgKvDvyZDt_PevpBU8QH5_IQ9RKYYOdJI1tssa4BgHz0tmhzSRcz-oe7b18sIW_Cm9nFYSsuQgOGrLd8enum26eeoH4E6VAJUkkx2UoRKqC5fCvV3WNafTEeB7Q3P-UVrKSJr1uqgjZfo2Ep4GESRnI3IM8fU3SXLAmeNDG7iCyPdKzjYFEGzMSreHdAzQvHuldUZ0LgRLOXkW-6EBn97ejkUOhiSwIxn0VEnFIh80CmFH4fBl9tR8prt2MbKMHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRilh1Gm2Y_rZEteJ9u8P9syhgAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTiAU_Q5nKJzBN9ct01mvGhVrAQzLCu2UWYqM710cHA4-MWKF7wd9wtqKBVTBFz6nVm7MfDT2wEHzbsycHQiTE0Vblm_XpgQwfUH4DKa92ESrEaD5l6rMtpEl9FIVeryih5DE8AwNMI_BnUdjgCs1SAXEEKsyFbgF0MSCKcJ2G5kfo8fAqTGFAlwhFCRaFWDn82aelEwedzpr6B7i-r7C3Qvuu6adKuH3KK91YDHEGJPR-_B_QyBq9jB-T2_cmYWOu5dn6rD39KW6LvYP7r1gL0q_9ZH6UemrhbP1AQ9d-Ot4Riyp6ABpL3rPf7vsa7K6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2noS6eQ9N_YmE30s8NxY-IbGA3MA%26client%3Dca-pub-2108338005955045%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC4E 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CC4E 308 B
636 B 20ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CC4E 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame CC4E 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BxnPGWbtm2aQz_R_NmP87aSpoaeRHeuI0XrCpQn9fg2B2gNqY1i5sZopdK-BHT837_GF7X2ulDAWvtiNDxU1o8TxpQYxkvRD7AiF4Qny4Qjx-Cz3KGv1II_vqyrrnKWndzUtwtMiT1C3wSX-XKXUCYR2-5FTY6jY95MzXlKUlavCZPoFG2a9yk8debqGGLQMmakFDv4CEzIydTDeOP7H83TmAgS_Cz3w-LpUmaVGQlk4vGqq0NYk7XWRZjXuvwKtslddGD1VtpuXbXxogNZ2s2Vt2LtdJpPUX6IbClDHHEE0wtNM2YV9BwiHKWDZSJGFezFF6sAIu18spEyUTunKjwd4FjZN4xlsheYwmkN940xRmYT4R8T3HFK7ik76kNKAn60Z9ys1PiySzlkKb18oXuxF_ykreYbbW9MEIwwB4RGkp2R_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3424904
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 8827 89 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753794
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OwmExX1aVmZJ%2Fta82c2furXEoMime57ts0FLI1dtjnEvycVNSbFP5Izy6Z8KqP%2BoT%2F7L4LvVzdD8ZdTgbl%2FwYvQMl7fbRH5%2Fii3UDM%2BbRIyltB8vxODS%2BJOi6WNNKPyUVWggzD%2Bl9k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d168b2f912e-FRA
expires: Thu, 05 Jan 2023 07:10:29 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8827 35 KB
12 KB 28ms
16ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 172327
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuQUzapxk3yV0NBZtTT0CuFKWPX%2FRtXlhsAVshqtXmUNumEK8ZctbhhCgv%2BoSZ81eBvJDdozVlnGDVw3pzzuQnkfNlO2fcTJpkKrnWeikv9LVYeopuv0JEQjAgNw718ANqsEXKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 784a0d169b3291ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 0EB8 89 KB
11 KB 28ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753794
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W2jII4fUhqrbMz%2BwdovDAzsTVZ6W6tYmEa9hiC48ZrL3DvVcNYHlpqwHwClp%2FhDjQlqvou03vprH5lJcvJo4XCdovHsw7JFpqKUiQr1bZSSQa%2B44SwJvpBVQmNo5HYPk5eMGpGYoyU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d169b53912e-FRA
expires: Thu, 05 Jan 2023 07:10:29 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0EB8 35 KB
12 KB 18ms
15ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 172327
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v73Rr1PD0YBgARft4V08%2BgZLJqV0tlNwPvtbDuO%2FIQEbVKTLFBiq3Qw83i33uH1%2BxKm%2FvtbFP1cmkW8U%2Fa5iCGrX3KiWI6oqQ%2BZqdorTDiZS%2F89i4O7WMOd4Fj2k59PUqJaiz2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 784a0d169b3791ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame EEF5 89 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753794
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnJIn96WjcPjNVbvRijfiWZEN6gtGkN6TnAlF59SNFrVVQcucciBeAyLDRXwJZbtpwWSesY5XlU6sEoa2vPOsprb34Wf65tKrLzSa2EMCxwgcPL2vZMWwGiWPDC7119nK5lO2gb2WL8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d16db8d912e-FRA
expires: Thu, 05 Jan 2023 07:10:29 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame EEF5 35 KB
12 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 172327
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXBxv5kVjQDYZ%2BdsdItnx%2B67s3H3CP%2BVVKerukZTaB9kGU%2BY%2F0x9TU%2BGb5UkGE1gkCYpYz6JhMg%2Bf9qJPfS7bNFxAg0e%2Bx%2BbnAKdUx7nm4Wtq2QhE3XfNVfEAqtCbOAnyg1Pzvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 784a0d16db8e912e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 Jan 2023 06:18:12 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CC4E 12 KB
5 KB 24ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1762277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWF%2F8JsOsFjNEF0%2BR1ds%2BOLLWKJccMMJmyYxCKWMZhZYMEngQ8qTpM0PbIMOBK20SsZ1vUAa39o%2Fqb7by4AJouOZtvS4o0lIhCGWd7g73UcPi4jt3JiBNuYmevza4jzYI9xCOzooFU4HRed%2F7869ohHv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784a0d16ed4e9261-FRA
expires: Tue, 26 Dec 2023 06:10:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CC4E 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5D56 170 KB
59 KB 141ms
36ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 08:56:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame 5D56 8 KB
3 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2JtH_80WFgpHog2NVJw3UIVlfT4YXfUY_OUQL5x0rBFAfO2sZ1g-2cn6MDMVQC19ApvH_p4WdBc8UONGV2HwN-SP2oDrOtd31v2D521JwqL7nSClWY01h0ARN_GQGiy72gTnkBVqbI1ja-EGHNk8gi5kcP6vPBpMOz31vX8z7NGqFer4&dbm_d=AKAmf-D0uQsTknuxwztnYAT1p9rByhrVKEpJnab1oLL4gUI7mW8xgwLILo_OpoMdG0JQD284ikF05OlDCP-fOYCbh_WbmKsU8qHUvglQkNHPwM4iXIYjVioVnogx2pmdoXkAyv2iJT-SGLMtEBEpvkReDYVPMgoawJCAnr5KDOG9l99qYL3UGVqoJ6DJgWlG5YyjkHqDYt_0-u8QYlQcs679URd9CmAGWlQIIfL5G5OAEY5BdN1y0LMPqZpnXOwKr3OMIvE_K1aiU1nkTpNRIAP0DAa-kKwZt8BY1a03Tgw2wYNnKZPTycWe6PnHNIrs6f_TwVdQC8wud-QHgamYF4Ro5bkbInX4TEf50y1PPPmkwHsrGUHUxowS5nu_v8m3DxHO9gVIQrHA4GdAHjCgYnlaaezIeOmYXyzDZy8M-FfI-vaMZKlh5qLHpAnsXt-JVswBFRyXTHQsnwFHMU58GoQ9O0zXWuuObpyqnJz_i-qan7a50GV2dGDf0tyUai4LC36RMM2f6i4wRZNTl_Rs8OosVOpKbyrLgGAmK55WSrdyDn1OeakGJwDZ6T4U_D2tnBcrXKRph0cIbmWb77-eIobRp9Xtb99h7pOvJxppFxhjhftCisj1rXaPm9rvXY0faRNEk3qqIiOft8S239hNUUw6gN-tmyroOub8ubFMAHJS_A3WeHsdnEkwR7N3yeSYW8z56qWaw--1D-7ZhwDJixl-slDl_g97ojHgkrv8RIenRB3-Fu9oN8aN1qeKlY_L4r7JLY644rAnU_DTIR1LF3UsDSPQDMk5COgDF70iUKEO-vGJOB4TV-GLnUwiv5qpu3k6LH8AwjQL6JVmXyJKOFaMpxJOi0vlo8egkAlrCJdhQ6GR8ujlUfwuLb7evpMtM-ffSMtJz6tDIFHnzmX_JQQkCqJn_1c_vGn1V3tsnoBDYE-55IwMvaujLIs0aZN5TzJm3prFTBn8IuSLx0i9hP6SSxbSxQHwi08ZI2jXg1VxvtvjqD4LZsM714p2vhptKqIxdOSuImQXWgXLXdheiGCjZr9r_au62_exVDIJiH77C_aQDSN8NOAAr6Jl_1A8xIiDleHZ3S9sNnezMZ6GtYwKs0pnfMFgl1vuBBZFMi6dscJNeXa2QxPspOUpThQuXMj1bnKxPxNfiJRRaC5LPYlzLijyQwMmN2HKPggNMXX4XrftBN1b_g2qyOBBZHUqrWGGTlEHi1lPAICzWQCy6LchXNZljBcJYfHMwX_pYBEpk7cym2pQPYecVu-C6sEVwDp40ITzMqCdw3ZkwLXw6tvemVZG4eTmW9b73BVxP8LX7ySa8O0XUUA8aTL24U20HjEoFeEh_vFWBAOFW0rKurhaqNhxcuX8RHVPsmFDdPablAYecy3V2KqSpbQE7c5iKwpzrxmHh9y5gLNpSXL8DNPcwGF7FGcHVrICcvh6HS8pl1VyWIIKaX03W9WAuG2djBh2pcy-WHZgztxgFhkuHOWZm4fFUryFBZDcGjeQIxd7HWOyF3HLERiWuzdHbdvJ83rfpIbFhk6HzoZEX6KjtmpFiFU_eEKuIqt9hZ5MlmZ0uJRy0-pjiwM4NrZYhKq8hVhbQYv0Rba8VbMBasl-Aqe4kSljC-3jUiH_oKN1VUbso52Mx2frUsH-anNzIagpEX27osIeWGzvPUuTBkkQLGqHVBkXukyU1Hi3J6yR8TCoP7WLPfMFHsRiCWyt2PRuSevHmlqLFo1Pj0QEj5unR8YDlPm85rc9X3w1QgR4D75cvp9rm27QBWxTO1KE8XBTDl3qWJUN6oLC66TL5sVkwlNS49Yr0FUVxujh2ZHaTLWsJqlfb3omAm7cEJmrBq01QHNqzBDaqk3s9MliLXwFyvzvYrADpdCTPIkMxuCjJKHSb9LSCuIQ8cJSz80dkSZo58Uhh56IGBuQwmZZezLbBbLiMTYdndkL4M56zRa1sQQ6qVx7j9bomENmpt1Z2urR_O5d4EDQjj9med162IAxF7hkrSHZpmJAm1l7BA8bmNkjMkKZQgRgS6vs0k4gsofG69Zo43ZnqoCzNNkPaUDP34uwPqX42ue1OD3GeS_Sy78J5fTyPRAjL1fkx2kSJzumqMSZc9oHCbhzKX_45gN4bys3JTbBRCaDnaLhbdZF-frJZAwA8uDFUh04iEMEbx85dVzXWXM_WXgksXFbmGVbIviUySg9oiV2WWHnHYG2Ej419eJOh-EXBVELjwO6mc7NUO5IjWsvlX1hwEJy3FtfhUdyZhDP2BqPTXIGxvqij4Pr9xSnM76mgiVkMxOsIsA_F4bO6Ew_7isDpPF6YaHQ8D5CdyUOy-C6ABBS9fP0iOaiogBh4jWFsGN0nHbLjkfMuinhEEwp5Ykiv13vQigp_t9Bfc3xvvfohZ4nkRXL_2i5u9jw0tLtcdscs66KhZ2uqUL_Sx5aiUiqeJ00p7c2S33xo812HD2AWNieM-_Uh9JZBMjjc3KCRslhQ1zJ7dVrFIyfHocloCKW4qng5v3HLnGBRihYBPknb4H3Q6kOXd0OkglNyW1gYBZhXZaWpI6T5WHZDbgaFsKoeUMqMAhx86OjI2_T7OIEO_KOLYMOVqBSiM3uuOr_KlRZZ_N6e1Pb2nQjlys7tKpTTkH4FKsarF9dER5rhRH1wq5j6pgtOsZoJ4t4s9BqzZWpza76ZjFS1udoM-Lz97S08_iOeijQ7Bm6Gu9HYg2I0BSAM53NqZG_iOMUZnmorIHADz9mS9hdaWdStr9BFNWfp0-EJgMyXTHFwxk-kw7hFU4bRe3K-iJ0wlYIcRDUuj4rj8Sp5TZde2hjJTeKP6G9_90wuyUHhHfer-O_KClJ2tBpHZJ6FTTgIyt_bndVCbJUMA14sIGR0HRS2lQFc4zBuvUcQL8jrZ2Zz4n-KTZoKksQPxnYhGyd4v1fcS1kX7Fj_QddHMsIRiYLdaFmiVyZPgUdAgywEerWxkcfVt_Gp-RFmAVFUjxKtNqFGMCRkg29tF-7YhBMDYPxD4Mg1yPOBCzJnhmxfF2SEAB8gXcflmZ5PPv6tHwWfzHDSm9M3IO3YsGr5GK1L50Agg24a71zMfaMZ22daIDCGYFSYUCy4yY7wmHvJxtBh1YzX15FOCYDh3_JB4BDzGT7NVkQp1i8ent0E2QpGqmpA5XLJqv56lmaPs4_boJKbCnYvrhv5rSv_RY1cOZJdE2gk8yv2lh6S97zm5To9Nm5yndEKAmsehoLrEJiSo7PYIXU6cGmEsNcQyIKGkw91L9BlW4yOxVMQbJK4NuW0yK8uROB8t-nFao4ZlWuW1eTLX7u6eyiE_XsZhzPRCQLeaN53V6j4oZTYJ4zc4Gy6Jrl5WtkFkHB0tGTcewI-4vNO93WhjBvz6vQdGacCtQp8vRVK5ml_ZmOgetStCQaoG2Fhas84LuYe-1G7Wy-icW6Tp6ttD24Jrn2zuXrQ7wo0qsE-3TvxnJoIf0om0I5T-45TqUWKR9G3kHw0V-SeEcVNuQvadUEWJGXBzwW49YEqicKzI_fNSpwXV_Oa4qawq-M1td8tx0DoyodzhTe3oG6bkfBlb0MckkHi2dU-XgdraL0aa04WlOwaCqC7iD7WHQD6glqfKQ-sHudxHYJ0LRhYUSRMUta8UXwTrxguY6jQYwwEtFvBMhRIiv8iP_xlJbjjzyItRjJzvRpbUmqr1ednhTXAcFAD-UNAJtw6_T3g4mZJy89S5zbm1NLeQUEfgHPTyb5rRvVuJuLZuuqE6BmqQGtDfh7g7OsYF3wh3dq5v6X46OKw61s26KbXo2F4sSaP5EvUrjY8j71KO-D7pdR9U7T6JC1EvEOWOOh0Zr1Dec3_gLNmfyiROWsoMkrogW4lKUig6pwMvz19J22GegeWuVVPQ6iKp4ScPYBR1Nfn0FNagX3MZ26PNsK08MIbUbYEPUL1hUnDPVpJ3-IVWuaFu-r39veOjZTmMXttyuSd0OvD0y4yNvWosr6pz1VGopj1FoQAPoczEc4dFza-edDqYc-pMki8UE&cid=CAQSOwDq26N9DbMQLijmtzCPojjqsPCJkePvxjvlsmvS_N-_J1VnKiGcgpf3KkpPMhG0PbZFievq-dUpHaSFGAEgEw&rfl=2%2Chttps%253A%252F%252Frivnepost.rv.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:35:13 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 5D56 30 KB
11 KB 49ms
49ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11494
x-xss-protection: 0
server: cafe
etag: 10034648733587439634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:34:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC4E 4 KB
4 KB 16ms
15ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=10391&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F10391%2F180604%2Fa9e8a35c9e904625b41a29aaa1246f8b_thomas_sabo.png&v=3&w=196&s=pIOE4zrtlW8pBgTirF3XuLEJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

695cc6ef8446ee3a2e6ddb92244f406b64279708612d7d1dae59359e2e7c1ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30218650
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3939
expires: Thu, 21 Dec 2023 00:14:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC4E 11 KB
11 KB 16ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=10391&q=80&r=0&u=https%3A%2F%2Fwww.thomassabo.com%2Fdw%2Fimage%2Fv2%2FAAQY_PRD%2Fon%2Fdemandware.static%2F-%2FSites-ts-master-catalog%2Fdefault%2Fdw5b61fa4d%2Fproduct%2FP%2FPE%2FPE928%2FPE928-966-7.png%3Fsfrm%3Dpng&v=3&w=400&s=u_1kA5UTmBpNr5JTDMPx606a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

694a08362c6d587be174cd104e6888385d9a6e53e663c2c6f1846f988e9ff6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1397959
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11406
expires: Sat, 21 Jan 2023 10:29:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC4E 20 KB
20 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=10391&q=80&r=0&u=https%3A%2F%2Fwww.thomassabo.com%2Fdw%2Fimage%2Fv2%2FAAQY_PRD%2Fon%2Fdemandware.static%2F-%2FSites-ts-master-catalog%2Fdefault%2Fdwdf9a4625%2Fproduct%2FK%2FKE%2FKE1971%2FKE1971-340-7.png%3Fsfrm%3Dpng&v=3&w=400&s=6fBDFGRmJ3726MXJJjopBx_T&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

46198e6dfdc2944fc980571e4fcd20344f592452236a3c6241d4a0de4eeceba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1557432
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20406
expires: Mon, 23 Jan 2023 06:47:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC4E 10 KB
10 KB 19ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=10391&q=80&r=0&u=https%3A%2F%2Fwww.thomassabo.com%2Fdw%2Fimage%2Fv2%2FAAQY_PRD%2Fon%2Fdemandware.static%2F-%2FSites-ts-master-catalog%2Fdefault%2Fdw906b96bd%2Fproduct%2FT%2FTR%2FTR1980%2FTR1980-051-14.png%3Fsfrm%3Dpng&v=3&w=400&s=dqhCK2l-joY-63mFo2n9zzu2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

fd631bb4a804bd4bf7fc85913d015b972a322c151c4fcc5711038912929dfecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=698206
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9866
expires: Fri, 13 Jan 2023 08:07:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC4E 7 KB
8 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=10391&q=80&r=0&u=https%3A%2F%2Fwww.thomassabo.com%2Fdw%2Fimage%2Fv2%2FAAQY_PRD%2Fon%2Fdemandware.static%2F-%2FSites-ts-master-catalog%2Fdefault%2Fdw45b7b753%2Fproduct%2FK%2FK%2FK0200%2FK0200-007-4.png%3Fsfrm%3Dpng&v=3&w=400&s=KD6pcrUVEuJnwsVKIvelu61Y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

06725e851e5d9d27ddab60025570104735cc7bd18d3545acf4033b7ef087bd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1572816
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7420
expires: Mon, 23 Jan 2023 11:04:06 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC4E 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=itgFBnKTvXGmOw1nMjVZB1ASb_kdsfn90pLBDjjfPEVy2V2JwlZlDLLC_2eqQoUks5SoVThN6ZwNJefPR7TLIZ8bLz0Sn352jsO2zcr8ILr7uImBQdmFsNIwYMqgaj_mr368UrwpKO6gI9p8Hf6p9uQqQuXOXYdOgfzoNI6gZunWrYRDSRN9yKDM_m1O3nd31LM7qzew_uaexPyBmdAviact03FPokJyQ-XmA3DwDxzmBh61JJ-gJT7JiP2WPpPPvqU-_w&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC4E 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CC4E 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 06:10:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 08E9 143 B
166 B 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:45:05 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 21AB 35 B
464 B 28ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGg8GgZhpkNaU6R1rA2N3Y&google_cver=1&google_push=AavPq0NRuZ9w7LS5fKF5aR-wHPi9-0dC3sk2VUTcMbyBdJe8r8RbmuNQAy6QJeuWo5Xw5A7817Pb3UB0Pg1549Aq27HbGvCqSgHXPUY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 21AB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1y...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ...

43 B
445 B

174ms
159ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784a0d193fd92c7e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 55
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIxtbj5Jtwr1XLN1xmq9HQU&google_cver=1&google_push=AavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PIp0u4b4CS8aOfGf6Ymn5Befay_oIgxIUKrGKsFQKlGxRpXLMWDJOF1rgz3u2fPlDS8I4VsGTt6saMqW8dY-xtPXVMwdJ1yDk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784a0d179df52c7e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21AB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJx1OdLVm2O3u4qypLSY56w&google_cver=1&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uPD02Oihq4&google_hm=eS1xYWE0RGVoRTJwSE4...

170 B
188 B

65ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uPD02Oihq4&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PxodserNVCpy75Oewu4X-MsJ7F4wDH4DUuMDtdnx2PGjLRggLQOOZduTaXanoRDUyeyP2wHTYVeQqeLDIn4b2e-uPD02Oihq4&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21AB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNr...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYst...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ

170 B
188 B

66ms
65ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OPe1SLFsSqPRQ7vL1ELBDmZielurKX0Ojb6l3Z4tudMNCiRXMLgxRT5zqWcx4JbHRPcPh05AcxL9xshso-XrYstNrm7WTCRQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21AB
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7HDbuKuFWvr1oYnI9tqyg&google_cver=1&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7HDbuKuFWvr1oYnI9tqyg&google_cver=1&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg&google_hm=F7xypGZHtVtU4x5vTvS1...

170 B
188 B

68ms
68ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg&google_hm=F7xypGZHtVtU4x5vTvS110N8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OWKtTkwtXFjLRAfwYqKVS0dQxJGb7XeTDRH_Xk1gEUTpUmW2QrRvDeqmA_q5SaU7wP3MW-B2mL1NlqJEkP0lGsl40Zz5cKMg&google_hm=F7xypGZHtVtU4x5vTvS110N8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21AB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH2CEurmo6x-wmdSHQJEaEI&google_cver=1&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWV...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH2CEurmo6x-wmdSHQJEaEI&google_cver=1&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWV...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TX2ZuSUtCRTJ1RkRJNE9RcWZqc2tHdUdQYjBLRVNUSn5B&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11...

170 B
188 B

68ms
67ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TX2ZuSUtCRTJ1RkRJNE9RcWZqc2tHdUdQYjBLRVNUSn5B&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWVZcVIz_874HANZIgNhigXZgKD37Tf2O

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TX2ZuSUtCRTJ1RkRJNE9RcWZqc2tHdUdQYjBLRVNUSn5B&google_push=AavPq0N9OmeMz76XuPyi38aNctkM8AQnqOraNsKCN97vybWyTileYjG11DIVH4vlmC25a0diWVZcVIz_874HANZIgNhigXZgKD37Tf2O
date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 21AB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0OptNmBtibqyZtvhkuRq3tIF_sVaatVqwzdVOTQ3rX4UPnhJWQBVA-OeJbhVPumqDE8xa-BuEgeRwj...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OptNmBtibqyZtvhkuRq3tIF_sVaatVqwzdVOTQ3rX4UPnhJWQBVA-OeJbhVPumqDE8xa-BuEgeRwjt-VpgyMb_UNzwZT_1uYV0
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 21AB 0
50 B 62ms
61ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKpa9CCSEi34AzImJ5_nAfrfcBjcTVzXXMAHP2HXROud1thiR-u3DvxMYF2TJyua74blwpyVw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2419322002&pi=t.aa~a.412061910~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250&nras=4&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=g65JlHZ8QK&p=https%3A//rivnepost.rv.ua&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 2773 9 KB
4 KB 132ms
51ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H3 200 ee85f67ba4fb5cf34cf5bdff22cd7f55.js Show response
www.gstatic.com/mysidia/ Frame 2773 111 KB
37 KB 136ms
56ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee85f67ba4fb5cf34cf5bdff22cd7f55.js?tag=leadgen/snom_image

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd05e27feba8f8fc3cef5ca052493ffc0a4b126dec26e0ed76aa72e2318cddad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38309
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:52:25 GMT

GET
H3 200 69f35d4009f437629e027ef59dda1b20.js Show response
www.gstatic.com/mysidia/ Frame 2773 19 KB
8 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69f35d4009f437629e027ef59dda1b20.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd7180f8693d0da61ed437180a4d9e6a585ba272b52034f325ee967c06345e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7842
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 19:46:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2773 6 KB
964 B 127ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:43:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2773 27 KB
7 KB 54ms
50ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:06:36 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2773 51 KB
11 KB 68ms
63ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11613
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:05:55 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2773 18 KB
5 KB 57ms
53ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 20:02:31 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2773 103 KB
19 KB 57ms
53ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19915
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:06:44 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 2773 58 KB
10 KB 68ms
64ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10701
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:06:36 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2773 31 KB
3 KB 58ms
54ms Stylesheet
text/css 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 08:22:15 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2773 3 KB
887 B 58ms
55ms Stylesheet
text/css 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:14:18 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2773 2 KB
639 B 59ms
55ms Stylesheet
text/css 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 20:23:35 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2773 37 KB
4 KB 59ms
56ms Stylesheet
text/css 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4280
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:06:44 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 2773 51 KB
5 KB 64ms
61ms Stylesheet
text/css 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4972
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:06:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2773 2 KB
765 B 50ms
47ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 daad2fcb01fa5d12d0fadb2035f56aba.js Show response
www.gstatic.com/mysidia/ Frame 2773 22 KB
9 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/daad2fcb01fa5d12d0fadb2035f56aba.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322e7fbd2b15ef0888b0c28c3d42f6a082526435e32d94090225b74a52d054b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9610
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 2773 24 KB
9 KB 51ms
48ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2773 3 KB
1 KB 59ms
57ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2773 18 KB
7 KB 53ms
50ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2773 154 KB
47 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
DATA 200
OK truncated
/ Frame FBA5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a31548ef5cc33b72ea235e63d28530dcf076b14e98de84763a2377e19b7e218

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 900B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3693096211160b80a6fddbdf0c5ca85d303f1a847bf2af5d722415ea277ce53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK xxvlvujily3i Show response
hal9000.redintelligence.net/zone/ Frame 55EE 11 KB
4 KB 60ms
14ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/xxvlvujily3i?subid=&rnd=610570720633371933&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D
Requested by: Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 33008ccce54547003b3dd110d7ce1871dbee38646ef267b4a5bf9d12fbb1b7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3481
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 55EE 49 B
330 B 60ms
17ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=610570720633371933&node_id=3289&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdJMVlUZ3lZMlV0TjJVeVl5MDBaRGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxMDU3MDcyMDYzMzM3MTkzMy82NjIyMzI1LzQ1NjIzMDYvNC9xSWdCRFhlYVFfV3lSTXFzNnFHR2Z3WTZGX2NXNHRGNFZKRmdCOHIzcG9nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxMDU3MDcyMDYzMzM3MTkzMy9hbXMvMC83MC8yOS85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3Mjg5OTAyOS8xNjcyOTExNjI5LzQvcHViLTIxMDgzMzgwMDU5NTUwNDUv/HV377vM2iw0PbIKV8dHwgfag1b8&nodeid=3289&group=cdg&auctionid=610570720633371933&pbs_auctionid=610570720633371933&shardkey=610570720633371933&sid=4562306&cid=6622325&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Server: MMBD/3.374.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x93, cdg-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 55EE 43 B
404 B 72ms
25ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=610570720633371933&v3=651871&v4=4562306&v5=6622325&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdJMVlUZ3lZMlV0TjJVeVl5MDBaRGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxMDU3MDcyMDYzMzM3MTkzMy82NjIyMzI1LzQ1NjIzMDYvNC9xSWdCRFhlYVFfV3lSTXFzNnFHR2Z3WTZGX2NXNHRGNFZKRmdCOHIzcG9nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxMDU3MDcyMDYzMzM3MTkzMy9hbXMvMC83MC8yOS85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3Mjg5OTAyOS8xNjcyOTExNjI5LzQvcHViLTIxMDgzMzgwMDU5NTUwNDUv/HV377vM2iw0PbIKV8dHwgfag1b8&nodeid=3289&group=cdg&auctionid=610570720633371933&pbs_auctionid=610570720633371933&shardkey=610570720633371933&sid=4562306&cid=6622325&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 277 3f0ad7a master cdg-pixel-x11 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Server: MT3 277 3f0ad7a master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 55EE 49 B
330 B 60ms
17ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=610570720633371933&st=4562306&time=1672899029&nodeid=3289
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdJMVlUZ3lZMlV0TjJVeVl5MDBaRGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxMDU3MDcyMDYzMzM3MTkzMy82NjIyMzI1LzQ1NjIzMDYvNC9xSWdCRFhlYVFfV3lSTXFzNnFHR2Z3WTZGX2NXNHRGNFZKRmdCOHIzcG9nLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxMDU3MDcyMDYzMzM3MTkzMy9hbXMvMC83MC8yOS85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3Mjg5OTAyOS8xNjcyOTExNjI5LzQvcHViLTIxMDgzMzgwMDU5NTUwNDUv/HV377vM2iw0PbIKV8dHwgfag1b8&nodeid=3289&group=cdg&auctionid=610570720633371933&pbs_auctionid=610570720633371933&shardkey=610570720633371933&sid=4562306&cid=6622325&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.374.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Server: MMBD/3.374.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x90, cdg-bidder-x145
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 05 Jan 2023 06:10:28 GMT

GET
DATA 200
OK truncated
/ Frame 025E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45226241663aaa4b84fd93c243843a893b0e48c5b753ff41ab04817c8eef0557

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELqoerPQr-AcaOFdk_fQILY&google_push=AavPq0M2udemZuOsUkRLhhSZBHydoP_CFdNs4rIWW8mBAzCvIvibpN8Svh...

170 B
188 B

70ms
70ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELqoerPQr-AcaOFdk_fQILY&google_push=AavPq0M2udemZuOsUkRLhhSZBHydoP_CFdNs4rIWW8mBAzCvIvibpN8Svh_gXyXLIxy6zj5z9pgS9XJATjWib9Eai6_kNaC5vA2QFG4

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220048-HHN
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672899030.823476,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELqoerPQr-AcaOFdk_fQILY&google_push=AavPq0M2udemZuOsUkRLhhSZBHydoP_CFdNs4rIWW8mBAzCvIvibpN8Svh_gXyXLIxy6zj5z9pgS9XJATjWib9Eai6_kNaC5vA2QFG4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK6kUuR3h1_dzW2cJ8LlJ-g&google_cver=1&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2yarSIQoIRnCof6UOo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB62F52BB95E433E8B11F5F66C9144ED&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2y...

170 B
188 B

64ms
63ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB62F52BB95E433E8B11F5F66C9144ED&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2yarSIQoIRnCof6UOo

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB62F52BB95E433E8B11F5F66C9144ED&google_push=AavPq0PfGBZyHkl8wyFb_1g_vLNCccEeyC86FxvlXm2pbyvi6GdMTGvgfSilhah9B55tkMmAQcgKh9VILIv8K2yarSIQoIRnCof6UOo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 04 Jan 2023 06:10:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBA
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDZvXTLAUCE7YWheGkH2l4c&google_cver=1&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss

170 B
188 B

64ms
63ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MUsmroHFpAIHjR_uH3zXbdtJxJ_TIS46-4LwAxtULYH99bpH9IJ-F8GtIDkYUaXUNVC2V7dogH69xzlStU9KGd3l6pNNtEsss
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3CBA 43 B
351 B 97ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENVhDI-3wbwdDOJJJEqQGss&google_cver=1&google_push=AavPq0NsFKDfr-qsF4KzDygmJ6F75RqJYEqAgmteGdnItPDG2pyjaI4wKYn23D4ItD8DBhDHwMqUgZqvQDzMvRr1iyWA9gbKZYUsC8I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: s67a8clk74gohgthufrj7nbtg0npip74

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yPA40AEyRdu144EGZSy4zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

67ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yPA40AEyRdu144EGZSy4zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NnVJuPdf8ZY7RpUQp4g3z9tnbS3Bj4bV0KQFC403Jnc7UoBKAYdGZSTaBT_zwkU5eLASvq_2SegX1oq19j2HyiefGfUpk-3Qg

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yPA40AEyRdu144EGZSy4zQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NnVJuPdf8ZY7RpUQp4g3z9tnbS3Bj4bV0KQFC403Jnc7UoBKAYdGZSTaBT_zwkU5eLASvq_2SegX1oq19j2HyiefGfUpk-3Qg
date: Thu, 05 Jan 2023 06:10:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 3CBA 0
75 B 85ms
17ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF2iaIYbNewFigTR8jCcZ7E&google_cver=1&google_push=AavPq0N0pNEpqQ0k4hhRhlPzEohWF3Bt1gpLxMYNiWcKxRFuRDCPAbyDwJNz-3lRCuWDk0axeyZ0fvx58jsakwHSTgCRU_VvJQBxtA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=1758758442&adf=2985693325&pi=t.aa~a.1489535311~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250&nras=6&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=3601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EGIzSzNHkd&p=https%3A//rivnepost.rv.ua&dtd=60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CBA
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENgE_i-vq...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENg...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7aa48db-8910-4640-b64f-709259b173bd&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

67ms
66ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7aa48db-8910-4640-b64f-709259b173bd&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7aa48db-8910-4640-b64f-709259b173bd&%%GOOGLE_PUSH_PAIR%%
date: Thu, 05 Jan 2023 06:10:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3CBA 0
12 B 155ms
66ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIc8M6_3VT3P8aWrF5aNY_wmWKfRuAoU9_n348NJpBt8Nv5XpPN_JHemA9CpOfTaJcLisuHA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 54C0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 872792b6a6e32547b02cd180d4d63a7b7932f75c44af766e52d70216c6c5d220

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A96 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:45:05 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64...

170 B
188 B

67ms
66ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64Yiky2gNzga1s_I3D2--Da2Q6BHSp9wMIt2rWon6uAswYgsNW5EQeuIRE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-075a2be6ec0585887@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0N8w-uXWaXSIJTjRc_jKSmyEiCBL_4ex3_OWHTtm64Yiky2gNzga1s_I3D2--Da2Q6BHSp9wMIt2rWon6uAswYgsNW5EQeuIRE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAADRcAAAAB&google_nid=index&google_push=AavPq0NFOxhwfX-i4do_p6pSIbPXc9-_y2a88...

170 B
188 B

67ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAADRcAAAAB&google_nid=index&google_push=AavPq0NFOxhwfX-i4do_p6pSIbPXc9-_y2a88vMuLhPc6u9GuIxn5PM_Du-akRUGsbY_luYGQ0NHqzKVcKrLIUV-n93qAMFcskaH2Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Gz%2ByE7yyUa8JLByV7ODVGYu17kqLDvd0eumByr%2BqFswtLHgMbdaz0G9eKiPonETFMaglh3rDpkExEDwSNSzIkP7fsJpziRdf5jW%2BAMoU%2BqrGAG4bFLkHh%2FQwJ10vO3A0f2X23SuBhBV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBfOCeSx48nggpKspbpCryY&google_hm=Y7Zp1SuNUbIj3eFffGgUfgAADRcAAAAB&google_nid=index&google_push=AavPq0NFOxhwfX-i4do_p6pSIbPXc9-_y2a88vMuLhPc6u9GuIxn5PM_Du-akRUGsbY_luYGQ0NHqzKVcKrLIUV-n93qAMFcskaH2Q
cache-control: no-cache
cf-ray: 784a0d18fcbf2ba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIr_-wfYyqpldFg8Hu_8x9I&google_cver=1&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQv...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQvSDaO4Ao1ZalUWiU

170 B
188 B

67ms
66ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQvSDaO4Ao1ZalUWiU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:29 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OigTqkYKtXl7LaTQoF4-Hm3qqX9vRJQOlMUcdORPsDv7PA_xMw9vHRpXrykH2HNF7zzZHETajYmmqYWwQvSDaO4Ao1ZalUWiU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 7s8xbdTwHm57km7r6nN8kuULXRvRJszLIiV4D9d2HB4WllNMXYWP-w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2w...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2wo-t9WwglVLYjD8Quo_8

170 B
188 B

68ms
65ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2wo-t9WwglVLYjD8Quo_8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OfswEdpljt4QxO1VfYPO29cQC90xjOVKvB792mmvMZA5lFLzHfNCLpTqzDvQ0atxGIjORsn5nFgt2wo-t9WwglVLYjD8Quo_8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEMtuECY2OIMkdG-VwkuVaeU&google_cver=1&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zy...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMtuECY2OIMkdG-VwkuVaeU&google_cver=1&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=M_19RYNaRDy0gpSG51GVvg&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T...

170 B
188 B

64ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=M_19RYNaRDy0gpSG51GVvg&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zyGwi55vrw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=M_19RYNaRDy0gpSG51GVvg&google_push=AavPq0OooHCGKcfp28bpY5H4zMFMH5U3dsjRA29nBi0Ms4WaCT3eA_MTie8OPqt0Uffsk2devWUSTqm3WQgO22T1k7p3zyGwi55vrw
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame C7D9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0PCie0eVnYjMqt0FRTW4LDDUYivtByt8xpi0TgiFKIHHSm9g8f5yKC9rpYMj4IdgoRSfPQSHtZB4Jz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PCie0eVnYjMqt0FRTW4LDDUYivtByt8xpi0TgiFKIHHSm9g8f5yKC9rpYMj4IdgoRSfPQSHtZB4JzmYpzc6qsiPbe8giIl5Akr
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
8ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7D9
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxS...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxSw_VV5hyBXwL0bSRoJ...

170 B
188 B

69ms
68ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxSw_VV5hyBXwL0bSRoJvhb6wcRl8dftOc5fyDraiQC3qbkmlamcO3wlnxfhQCEa9pk9XG8cyX8YOIUYYZoAYgPI4W

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1f511df8-91b3-48cc-8388-b53e9575f3cc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NrHslUohAxSw_VV5hyBXwL0bSRoJvhb6wcRl8dftOc5fyDraiQC3qbkmlamcO3wlnxfhQCEa9pk9XG8cyX8YOIUYYZoAYgPI4W
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C7D9 0
12 B 69ms
68ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBtaJ63u6Vs5X5Yg9_awI9UOsc4F8s-eA2UoB_BPwCFWOckQrXQt1U65Ty5MIMLaEYpxBsJPc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=1780804969&pi=t.aa~a.2432572328~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250%2C306x250%2C306x250&nras=7&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=6NBodHSdHC&p=https%3A//rivnepost.rv.ua&dtd=65

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame CC4E 3 KB
549 B 78ms
75ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:50:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8827 3 KB
4 KB 57ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26834061
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWAoipMzzEOylXiuLv%2Bz8c0e8lpZZJzljaWdIIPwyGSWeRB61vMxsO%2FNVbuhpyupwDnWb6S2BKTum3MhBBPOe5JP3MgDFlODfibniKvgoqtcR9YcyV3NITMwMvYIYNNxXbvGz2uB7ef54TW%2B3SbTuvvD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 784a0d197e719b9e-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0EB8 3 KB
3 KB 57ms
24ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26834061
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx3OkIx9jIMYOf0n09U3DG5TxxJZ%2BI6pDCnkq1RkGa%2BzKJFDXYtzqn4aH3AV6ivH%2FZej86Y5L1XJikLRaav%2BwkhTbP2c9Yp1RY7APGHUPhjxP8SLb1eSBuZWNmtRTAFNYlxZpZJSiitUH2viI1boY3vP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 784a0d197e729b9e-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 55EE
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

124ms
102ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
Protocol: HTTP/1.1
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f04b2091381bb59654459cadbaaeb9b55e7de1706f91041ffbfe0f7fb43d557e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 69065900021213600951399012195005
Connection: close
Content-Length: 967
Expires: Thu, 05 Jan 2023 06:10:30 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 05 Jan 2023 06:10:30 +0100

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EEF5 3 KB
3 KB 46ms
25ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26834061
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZ8K1klbtxjnL6TZHGhd1JXUnQVUU75nhEyToqOlaF2Es6P9Kvl7wZ8BHDGrN2DQyQJ0Vgo5f3uqx6zlCqN2H4SPx8OV%2Fi79UNZrKH7Sr%2BBgMG4MsH7lEbI3LtXQQGTAdwizOtvv2IBjuHfVAkK1QQ0O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 784a0d197e749b9e-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 200 14371824680338929999
tpc.googlesyndication.com/simgad/ Frame AA45 18 KB
18 KB 48ms
47ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14371824680338929999?w=300&h=300

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d418160dd6e5aec52be7ff4840da8d2efd87282991088f580e852a6b54ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 23:27:43 GMT
x-content-type-options: nosniff
age: 283367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18032
x-xss-protection: 0
last-modified: Fri, 14 May 2021 14:09:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 23:27:43 GMT

GET
DATA 200
OK truncated
/ Frame AA45 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40aec81bf10f23ef69ff15f31771ed192bfcbd07128afa8ae3cfa6c6915c1475

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D56 41 KB
15 KB 49ms
47ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 21:33:36 GMT

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame 5D56 199 KB
62 KB 31ms
8ms Script
application/javascript 2600:9000:214f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://rivnepost.rv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2009632
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gIUUWS2speBLV-urKt7jrtJiNHDPERK01WY1AqD9cNIkt-gfd9IUhg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5E46 1 KB
652 B 48ms
47ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D56 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ab14f4d2a6fd804b43646c62bdbc2ed7b94fd5b40f2eb2a903cbf2f5012c0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 93FC 2 KB
1 KB 16ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 727515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 784a0d19cf0a912e-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDw7WhXCN%2FpaFbmE0b1fLKPGNOcpv3EMg1nHsr1VWi%2Bi9B5ozqfhFRnMEd3My1kJ3OvOSg6b8knrDKx9ue0rpPh8rPbUmTburzS3jEsJicRzyjx%2BR2iNxmAPMa80COvauw%2F4bog%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame D10F 2 KB
1 KB 16ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 727515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 784a0d19cf0b912e-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGi2m2xL2BEkeqDGPnYM8gl%2Bc5vXWc%2FW2t%2BqZLXys9ggjFUASH8aJpC4bLqrcRu%2F6zBZzqlGMaMlxTpRCBSGjwE7OBxHwCQrTHifGXVaa%2FJo8Bh%2Fy89DXZ1jKMLdW46j4c10E9Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18371140143323373724/ Frame B713 1 KB
768 B 125ms
46ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 740
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Fri, 05 Jan 2024 06:10:30 GMT
last-modified: Tue, 25 Oct 2022 17:09:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D56 0
0 177ms
84ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyLWjiDNCcQ3pBqUXkBj4-JW71XPpce0fVLCCtF_AMfhznMibVOrHsKKRfNLdXkyC9qpJX9d4l_wnqyJw3NYRsU7rr1q3rjlCX5Xn3N70-aZ3kZha-yYJlGUT4_zfurk-4mA2Qa2wkJH-viX2EU5e4aWwAVj4K5V7C4my9NN1HmlDk0fQaPxu9VO7Se53j11tpSWFPbwWhV9gQ9d7LPtDKnMkWVKDnSRr96tu1TiPtGeumOvNcpdjJfGzNPy104t7qMqsnVtVy9ivK416bKjhBgV27wh9Nf5PRPCcjB88okbMsk-5bF4ARNwK620bl_6NTN1-MRI07_xZTtDC1NJUMMqHayCpekCJN1OnrOKwiMKY5__vwhg6cyOgDcy98-t4eo7pNQtoCgZ0hT-vCSlzLIuhJmY4fuNSQiZd5RAJiwuUbzxLgpDe5qsDvSju01LJ9s24k-Zgito_ReezBjkMZOzXGyVEXrbiajjW8FnjlHJMRmkvDnhVeym8fM0jYZMm97KcHRTZ7MoOUgUcmWrylatDGqCyPCmGaOuIZYzxhEBqdmbIirdbzMAydpH984Q8_dGwfvH3v8XsLbvOvC8hMpoGE5DHOrv6foVY6G3U35TrDf6qiavHBdkcacpvDfnuaTjwQxLFeUU98LcUHKzNeIZiczFIpSvtd2B89n29wI1qtZNxCN1ErREhmQUrJWJICQ4fspWL95NqEOR1MjNh73CGgNtF_Mjh1YqcUcH1ckLpc1-tokX3JNf973pFxGc0EW7qdxKR0SilawFfhM2bTaR5wMQi6s8VRM5BkGQBjMuz3gTJ8VxIirfZ6ToOHFArXh5I67A5nAcNnzPkm0oaktmsu_JN_mjtZoYNqtd6ar1wXSn5iCakyREncpcu1oA8Iqh8TLv3VOCzRvp20UjuCOcqjVqvLKWq-wBQ7jRVieSIZBk9ybNE-mF9SyJtUmMzIpJoXju5Bzq0OK0DXssMzUkycYgv6hbzknmVlOMVR5SDTSt-Fu_--ARoT0pWA68XxFpvZRvfQFQgwySp7I0CabBzfnKHDQDEbNCqrD4iX5zFSCGlzHpntrACb1CgIhO7a8mN5XqYpm_Nxrc8LvH0YeLqGV3-mHWoS08YF4WvK30WVz7IzMk6WGV7Rrxx97qq56CAePRP8p7zWrTR4otyJiLTnx6Nfz9HMJEbIoJQV1w5x03-nuRQuXA4gEn4tqOhUvVGXQY1N_RVk8-EcqH2qVm5o7sVoIOQUjcpBlcByvzlEJ1aihYDh0BOPaAJRM5IiPKx1Cd2rT2NWch3z1PvenjY4ktvpgxIuBawLFo8Ub8PkvqUYjA&sai=AMfl-YR3zAQEkRO1tSagEFCK-icqIaxyIxQ5B1jlKtDwPI9dLb2UCrUGZ5PIvR2u_d3UmghdP-7PwOh8Jgj13Adh8kfVdJ_w5KtAOr6BxUGLoiZcu4pHKLa7HdhjIWBfE1RmKke54kumhOUDG7uQgocSjId-phTn0Y-6ppIFO3KyIrDlQz_RhtAEd_gXZ_35bLTxsGP9uE2tWqCuIV6_frLt0EBHwrD7tOOpoGqnCCRgf8UxjvL-h4AOj5Ey-PaY5XPkknHzHv5hpek&sig=Cg0ArKJSzB69lmchEyd6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&cbvp=1&cstd=453&cisv=r20230103.27137&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:30 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 5D56 60 B
60 B 103ms
18ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26964075&extCr=180660497&extPm=322763903&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 05 Jan 2023 06:10:30 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame CC1B 2 KB
1 KB 16ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 727515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 784a0d1a2f6e912e-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wQXE1%2B6scYSDVPKvBHCsd2rSMwkYyQEcU3tE2wUr2GaUGAynhyAR0xv8noFwu6PwzwEBR7rkBGA5rgaob4i2BruBWe05DgUK%2BZtKnBcy0ri8x8bf0h4Ypzpsn2JnZvRYuZrOmk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 08E9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Thu, 05 Jan 2023 06:10:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2773 0
25 B 80ms
79ms Ping
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyCjQIBCowdmlkZW9fbGFuZHNjYXBlX2JsYW5rX3NwYWNlLG15c2lkaWFfcmVsZWFzZV9wcm9kCi4aIWRpc3BsYXlfbGVhZF9mb3JtX3F1ZXN0aW9uX251bWJlciEAAAAAAAAcQDABCg0QKyEAAAAAAAA0QDABCiAaE3JkYV9pbWFnZV9sZWFkX2Zvcm0hAAAAAAAA8D8wARIaQ1BlVHo4TGlyX3dDRmRlRV9RY2RkbVlJRUEiEmxlYWRnZW4vc25vbV9pbWFnZSgs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/69f35d4009f437629e027ef59dda1b20.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14371824680338929999
tpc.googlesyndication.com/simgad/ Frame C556 18 KB
18 KB 47ms
47ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14371824680338929999?w=300&h=300

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d418160dd6e5aec52be7ff4840da8d2efd87282991088f580e852a6b54ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 23:27:43 GMT
x-content-type-options: nosniff
age: 283367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18032
x-xss-protection: 0
last-modified: Fri, 14 May 2021 14:09:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 23:27:43 GMT

GET
DATA 200
OK truncated
/ Frame C556 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efbde5953e15846e13563625484ef3f294cdcdff4b0d8f5b91adc6e8e941619f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame CC4E 30 KB
31 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 16:06:09 GMT
x-content-type-options: nosniff
age: 137061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 16:06:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AA45 0
17 B 83ms
82ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4HB41Gm2Y_jZEteJ9u8P9syhgAHG1rD1beKg1Jr2ENzZHhABIIy7hClgleKQgqAHoAGizu_iA8gBAakCBmGgCJTKsT6oAwGqBO0BT9AbA6jJbXki3PE3o_BT-sWx6aUw3phHmbCZV4a2VRXBy4jrzID5N7GsEev61oY-LUIwge53vS0guK05WNM_Hgg0M4ejki0jgimyZZlebUpbrzqpcae-zVbJXn71skvpkSiPBVUIk-yyb0U_vd7luleGgwD8VleCZOPnpZjQFrO9f_k6RRMfMa9yBrrRGAdDtwn_L4D4PZnyp3ikHb7NWZE8a-0PRiGGbp-zjHXg1iVgX8FK0Ftfw2dJnAUfkHsCGZTiVAyApbI-bej2zjOwP2xN6pUvMyaUWEb3qWa7mJxHeYb8iC1lx4U44bCGwATwg7fRngSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHxrGQHagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIjLAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQB0BUBmBYBgBcBshccChoIABIUcHViLTIxMDgzMzgwMDU5NTUwNDUYAA&sigh=T9I0mmoKNhk&uach_m=[UACH]&cid=CAQSGwDq26N9oVrBEyxfrN-lHCpFVkTMSLCZatOWlRgBIBM&template_id=5001&vis=1

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A96
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Thu, 05 Jan 2023 06:10:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C556 0
17 B 88ms
87ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTk2A1Gm2Y_nZEteJ9u8P9syhgAHG1rD1beKg1Jr2ENzZHhABIIy7hClgleKQgqAHoAGizu_iA8gBAakCBmGgCJTKsT6oAwGqBO0BT9DInwOlxXvl9b3Tq5_1dPmB_7sMW7D8hR6L43Y8xd730s_eKIR6qto4FYLXRbru0HE8KzDbz8WNlY9_YLCX2Gr3WkFFWrOVVYQ-W7VY4Zz8iHFdC84B6zx9JocgZIB2ua2znLVv56uxb7HrXJ8MEdXIHH8An8ENFSPh8g8FNx5EsmI2il_Rc4xhdUpDfBxm6GhBmzJFAHLJ2tqPSoM384bqcArouvbvzsAfFWFq6jxukH9YurdnbWqlq0lM1cldjnzPk0LyzfoCRKbyvaUGK9xEkz8rPbvkaT2uJposPsswc7tmtJ4iJ6ug9epcwATwg7fRngSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHxrGQHagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENeOAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQB0BUBmBYBgBcBshccChoIABIUcHViLTIxMDgzMzgwMDU5NTUwNDUYAA&sigh=rn7n14HwfOg&uach_m=[UACH]&cid=CAQSGwDq26N9oVrBEyxfrN-lHCpFVkTMSLCZatOWlRgBIBM&template_id=5001&vis=1

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame FEF2 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76A1 42 B
64 B 179ms
81ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumqF0lCN23yR4TCSyF2wkyNWIwKiQJnj2F2VsEwND8Gf75sEfE_2vXGebNIJuM_jlJy8f_GBDols3tyYq_64ipKnA&sig=Cg0ArKJSzKdng1nAJHvnEAE&id=lidar2&mcvt=1037&p=0,0,280,1000&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3105171064&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899028209&rpt=959&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B713 113 KB
38 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:10:30 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B713 118 KB
40 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 08:56:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7DDB 22 KB
8 KB 48ms
48ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:33:36 GMT
expires: Thu, 04 Jan 2024 21:33:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5E46
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1&google_push=AavPq0OuzWqoKVM5LXHVT2x7gk611wJCKbgyoSLmPYm0wb0x7_8pyq-PORjfKY6wFvBlU6bLCH1AM0p68DWYTzF65xqPaaH7bhK_uA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM4NTQyMDAzODYwNjIzMDI3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1

43 B
398 B

52ms
50ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTJ8Ob_QXkqP6C89uf-aF4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E46
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGg8GgZhpkNaU6R1rA2N3Y&google_cver=1&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw4kDIyINLy1_dXj-Hpcung95dngDSwNSptDEnFNpQEFzw&google_hm=R5lDdlsBQ0...

170 B
188 B

64ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw4kDIyINLy1_dXj-Hpcung95dngDSwNSptDEnFNpQEFzw&google_hm=R5lDdlsBQ001Rb6aefR2AQ

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0PkuqnYNxppUycNy72m4RC_9slq39ExgtSMJnBD6jWE-JBT3XyQXw4kDIyINLy1_dXj-Hpcung95dngDSwNSptDEnFNpQEFzw&google_hm=R5lDdlsBQ001Rb6aefR2AQ
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E46
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0NBY87_3_13BL9fKxeSf4h_eMheVe1O0sVoD-gkezV...

170 B
188 B

64ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0NBY87_3_13BL9fKxeSf4h_eMheVe1O0sVoD-gkezVYESggCmI-UR2wWEMx9zkSF2KQ3PWmcEoNMgjXDznP6bNKkTcJKuN_EA

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0202b4924c632485f@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UVppRmphUDkxUGRqc3A1&google_gid=CAESEM6rx8Y4L2M-xSefNLNkDzM&google_cver=1&google_push=AavPq0NBY87_3_13BL9fKxeSf4h_eMheVe1O0sVoD-gkezVYESggCmI-UR2wWEMx9zkSF2KQ3PWmcEoNMgjXDznP6bNKkTcJKuN_EA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5E46 0
191 B 63ms
19ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGk1W0_mRTMhMz-lT_RXAg8&google_cver=1&google_push=AavPq0PCpw45_C9pxDiVjLMD007d5hqI4kgFkzMK60yjkskHfhQKIs4lj0Ggg9rPb47oW5NKh6iU2Nt43h2KPkSRq8NE60U5ktCI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5E46 0
174 B 114ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO1XgJ6O4n4Wk3x1DFu5tTQ&google_cver=1&google_push=AavPq0OYtYUkqaQ598aY4DyOyj431e4TCbC7Z7A31dfJmG6ANOFD1ozfaKNMtEy3vkOLqUvIqQN0XxR_6HRdfXa4IxTYVUjumAxGrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E46
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0P2dRbg...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0P2dRbg...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMDUwNjEwMzAwMDA3ODg0NDg3MDkwMA%3D%3D&google_push=AavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MG...

170 B
188 B

63ms
63ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMDUwNjEwMzAwMDA3ODg0NDg3MDkwMA%3D%3D&google_push=AavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MGCpJ7Oc6MA2HI9Vnga6pJrSegvJQQs0Ew

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMDUwNjEwMzAwMDA3ODg0NDg3MDkwMA%3D%3D&google_push=AavPq0P2dRbgqv_siJNHL2mipnmsAn-O0HpuKiq-NEATb4PEUMSZZeht2NPYqpFXr7T3MGCpJ7Oc6MA2HI9Vnga6pJrSegvJQQs0Ew
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 05 Jan 2023 06:10:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E46
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJx1OdLVm2O3u4qypLSY56w&google_cver=1&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P8kyHvbw&google_hm=eS1xYWE0RGVoRTJwSE40...

170 B
188 B

65ms
64ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P8kyHvbw&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B

Requested by

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PdI_fNhmBxIdgHEZ_oD_cQaBrdxMo256bHmM-aU5I1n-JWQUeduBR-X-ok4hp31-ECOj3u4OYlJUyzN2rydhjXY5P8kyHvbw&google_hm=eS1xYWE0RGVoRTJwSE40ZmxrbTI0SWNRYkFxQ2htdW12Nn5B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5E46 0
12 B 62ms
61ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JufaCMXt1MClqAjpNmzE_7ba8zW0IuCr5UX9lCZwyWp8Ew2y1ed9fS3eAost9cAfeQUJuC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame E3E0 36 KB
16 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 20:49:24 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 8827 2 KB
2 KB 37ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb0d1fb36c17c645ac0b76f48f419a43fb5116ac9cbc137340f75cc7e5ff774

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ca1JIRCsB41Oz%2FsEaBS7Z1F1s5ZMGtd3vpu8lVd281WkaLXzgXxOKKxnL2dNsxcMvIpLLHmBxApV1y0I4CdulcMKdq5Heh9fH0%2F%2FQx6bN%2FZiA6MINrxzkEmF1atXLYunTrCdpgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 784a0d1ba9b691e9-FRA
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 0EB8 2 KB
2 KB 39ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee059a92b3094e4a2f04df153aec2ef0a978b70eb977df3d86c169085154517a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nW57ZwJAE95h761reD5Q1Z30%2BFogO27Qm2baiVc%2F4UU3dr%2Buy59Itui6Nka26quo%2BI%2FiY9Dv4PMYm%2Bd7TehwIg90VFu6T2llocT0e%2FSGqFPKmjAYlN4YvoBZ57%2BMBbIeobzX6dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 784a0d1ba9b891e9-FRA
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 51ms
33ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a0d1b798c91e9-FRA
content-length: 24
content-type: text/plain
date: Thu, 05 Jan 2023 06:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vNqhLfoXdfHu9Qj2Y5GbeFoSsZIfNztpTbrcbhCALTIibr%2FTn4cfiKOPavDF%2BNX4VuSLdTJTQAPtIgvSUtY2GMTD98Eu7rtHAK%2BfZJlb6DT3hjcVNTc9OQRDbIHLR6axMKcbV0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
34ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a0d1b798d91e9-FRA
content-length: 24
content-type: text/plain
date: Thu, 05 Jan 2023 06:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU%2Bl%2FuqyVj4zZ9829LyQXCq1HsWuVo8Uwch4eqo8qly5l11TUuGKh%2FGo8Vq9fzZns39edif2joYovMk97i%2Fc5vo%2BgrQlRlge6llGqRJclpyTwpyYmcfhswfybXKG%2BpKZT25kKsY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

POST
H3 200 rs Show response
ad4m.at/ Frame EEF5 2 KB
2 KB 36ms
36ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b891776a355420e712709adfeb0a7f3025754ffdeab17282d670ee877c735de

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3d193Mm2P1BLK7%2BOeNrNMgQ8gYucDPqbPjfA8e94ruAknx1KpdaSUZbaeU4GfoDsyVNvQKrbpG8wiVJ8xOPEFGNy1fVEFShVHEaKV1mjEoTyktUDA%2FHuyul9Y%2FhAfLWxlYmoS68%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 784a0d1ba9bc91e9-FRA
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
35ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a0d1b798b91e9-FRA
content-length: 24
content-type: text/plain
date: Thu, 05 Jan 2023 06:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJHUdiDaszndNoayGk%2FHFUfwTWVkB2kgBnl1%2FYVy91IpUaKY7KLZciCeKhUKNuc1%2F6B%2BaQI4J9hBDbRarCEPqGwvdOCMNVkA%2FXOirMIvgIjuuEL8cdXEPuobjs2kf4CVxt3bfLU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame F243
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873c9ff436dec89f16b?subid=69065900021213600951399012195005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=69065900021213600951399012195005&actionid=981741&produktid=&dt_url=

0
628 B

51ms
20ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=69065900021213600951399012195005&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Jan 2023 06:10:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 05 Jan 2023 07:10:30 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 06:10:30 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=69065900021213600951399012195005&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA6:C1AA_91EFC182:01BB_63B669D6_717A66B:2BF9

GET
H3

200

activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368 Show response
8019191.fls.doubleclick.net/ Frame 4653
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368?

391 B
241 B

192ms
88ms

Document
text/html

172.217.19.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368?

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f102.1e100.net

Software

cafe /

Resource Hash

527ec9c417dc5aa370f5739ea72a352b7a59890b6e44019cdc1a91fe271ac1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Thu, 05 Jan 2023 06:10:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 832C 4 KB
2 KB 37ms
13ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=69065900021213600951399012195005&a=1f1e9567
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=f8a35d4ade&subid=&uid=793975e3540fd56c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DVWp58lNjJkd9igKBZz-2Vw%26exch_seat%3D20035004448%26mt_aid%3D610570720633371933%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_cid%3D424463b6-69d5-4b01-b743-94da776e1835%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwc2E1Wm2Y9rfAru-9u8P9PuE8ALPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqAMBqgTnAU_QxeGzZleKLBVqUIRKN14GRHqDPYmJ1khWH1uuUlCLMVjpoJGxs6ZHWVEOL4kUS7BprLHhwX87wQuIUEUSLNrSZDHUpSw9-bTP-3NdKjg-l1eI2TFJBVHvgJuSdiy96vsHM1OZ4HudK466EY0f0MKpqf6rdgXyKF6IYTY78dGxFaa2T4czHJZgrXQ-JylamH_3DYbtB0VYvj904pIf2PosbSHsubYjEfSlIxKpBcRTDpUwUGAdzIO8twT9aQxNqbvaE_8gMI7pJ-kxJi_WJi57L-Bog-D7SKfYLrTZaz8wkYWQn8fNfYAG1MTQgOnFoOwCoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1K9hdWi842aj_a9wT_xu2nA3qhqQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D2556755939%26pi%3Dt.aa~a.412089228~rp.1%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D2%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%252C306x250%252C306x250%26nras%3D5%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D2885%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DU3iM7FLFov%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D55&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Frivnepost.rv.ua&random=808341192306&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 632e1521839eb4a8cab71791ca8658ef9bac7f69270b78f52032bb4b34258d2a

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1442
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 06:10:30 GMT
Expires: Thu, 05 Jan 2023 06:10:30 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2F1A 1 KB
652 B 51ms
47ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 55EE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 479581bf3603da9919e7d357657cb05e32a6948521f48f1e13f12230e5c1f6d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 96C4 91 KB
23 KB 9ms
9ms Script
application/javascript 2600:9000:214f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9124454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: w705yWm5X1TKUDwaEaKEGlD5hunokwMiCpFLiUWzpwXc-27LLY0mTg==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 5D56 43 B
216 B 41ms
40ms Image
image/gif 52.51.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481227570&pubId=1&placementId=396796068&adsafe_par&bundleId=&dealId=&bidurl=https://rivnepost.rv.ua/&adsafe_url=https%3A%2F%2Frivnepost.rv.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Frivnepost.rv.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2108338005955045%26output%3Dhtml%26h%3D250%26adk%3D496640717%26adf%3D3073048689%26pi%3Dt.aa~a.86613092~rp.4%26w%3D306%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1672899029%26rafmt%3D1%26to%3Dqs%26pwprc%3D1092727598%26format%3D306x250%26url%3Dhttps%253A%252F%252Frivnepost.rv.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1672899028961%26bpp%3D1%26bdt%3D1606%26idt%3D-M%26shv%3Dr20230103%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D256d32d0be597a7b-22a4965e01db0004%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA%26gpic%3DUID%253D00000b9d5c1a1982%253AT%253D1672899028%253ART%253D1672899028%253AS%253DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w%26prev_fmts%3D0x0%252C1000x280%26nras%3D3%26correlator%3D5417183431727%26frm%3D20%26pv%3D1%26ga_vid%3D555107083.1672899028%26ga_sid%3D1672899028%26ga_hid%3D1691984888%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D994%26ady%3D1361%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44767167%252C31071219%252C44779794%252C44780792%26oid%3D2%26pvsid%3D1604498384740481%26tmod%3D386851689%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DACphafkojN%26p%3Dhttps%253A%2F%2Frivnepost.rv.ua%26dtd%3D45&adsafe_type=bed&adsafe_jsinfo=,id:cba0ee8f-1aa9-4a34-2495-4957a987d48b,c:oTntP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-h2qtw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,scm:publ1.grpm1,mtim:327,mot:0,app:0,maw:0,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:349,oid:a778628d-8cbf-11ed-9712-5618f39ed483,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.214.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-214-106.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

pb_girostart_250x250.gif
www.ad-server.eu/wm/pb/girostart/standard/ Frame 832C
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873c9ff436dec89f16b?subid=69065900021213600951399012195005
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_250x250.gif

81 KB
82 KB

195ms
59ms

Image
image/gif

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_250x250.gif
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=69065900021213600951399012195005&a=1f1e9567
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 7bceabfd081564abb1048fbee47167788f01f8f6a25367c38ab244fcb5fda21a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:13:37 GMT
Last-Modified: Tue, 22 Mar 2022 16:40:40 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "6239fc08-145ee"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83438

Redirect headers

Date: Thu, 05 Jan 2023 06:10:30 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA6:C1AA_91EFC182:01BB_63B669D6_717A672:2BF9
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_250x250.gif
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
216 B 792ms
170ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oTnuE,pingTime:-3,time:399,type:v,im:%7BpBlk:362%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:348%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:399,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:347,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,rmeas:1,rend:0,renddet:na,siq:349%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
215 B 789ms
171ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oTnuF,pingTime:-6,time:400,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:400,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:347,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,rmeas:1,rend:0,renddet:na,siq:349%7D&tpiLookup=ao:rivnepost.rv.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8719 14 KB
4 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b8ec6d68e86cd82b8d4d7f5c7ac26182979c7f5c241399289e02c3df8e5d76

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hj079f17ssbd6rrj3c0ht8b0mky9yx0dntved5deqg8f2ksenh2hzmzvp9s0m8z3y6g0jkw2nfhhakq3vv9wtw60h4cv2k17mgdgekrr0kpq7j72zxk2byxg68srr28rvsp89hv5qf3fm81x4w8a0gr4yyzbhjg18wrv3r1gavp2k54ncjcmsj5vpvd1hjfws0gvk6zq094fkv129ptxbpmb901wrzsz7t3vbkzk660amhgxeawtbv3am6mn06rhr96ev20kpq8m7a2898bzbgk74ecz9y72yx8wr6hjk24n9x4h7m0mvhxydnjyaw7cj4m3ztp0mfhk3nc1jq35vdefkq3ykn45vaa0b4pxq9znemta83kdampb4vy6r0bxq4c5ghehywmzw70tcpc7a34j7ta21tvg76zf16qqr41nvzfehfnxet0a0whj2ex2ypjtrd1d870&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d1c29c2912e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A29E 14 KB
4 KB 23ms
22ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3e8e32d13dca8b9bfb1ae84c2b9bccefe660e18eab097a5c8d8f9479f1c45e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hzmmm8vfbjek0yb3b0kxqhrpekcp3z4s7cr7re8p9qdb8827gbyg122czc9bq0vfv4y27v2sktn38191kqvrd3x72whsr784a70nzfgd89brwaejg8c2pz87p5g0spm06j748rr1x51greftnj2pf6dadfe1efkq8gz91r8bfkvwk2g16wbw91q1b0v9edxyafatzqb9g02gd15gtfxrgy5fbzx19cpd6kkkgvx211ephafmew8jm0p2w38fpfxskbr8x2ycn636nyj1ffgmg5hcqz4zmdqcg7sxdhn2smwnnmmgxayye5r5b92rc4bwd9x11d60178w3sv4ek25tztn9v28tt4r4jc8h12w3x4jrwxsbmzk2qf37wprzf122jp8x1mev9pe08yvdp7k3mw74vqd1r2dmqty3ajs2hpb42960pc9hz8mgk6bcyx8hh94qpytb70&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d1c29c4912e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4E35 14 KB
4 KB 20ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7111d52b56990f8cb5ec10f834371c1171db3d8ec49df1f0b499f254d9b11046

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hkaw8rn8350rx3fa7bw19wkmjcwkzrdr87fzy0ncx4jx6kv1a8rbt62sh9hyz4n31bbskkj0jmv9hw2er380k9y23t8sang9rvp4zbfx1aswp1rpwz4cfp8hnbfafen2rgkfm3rym84pqr21fqkcxdv4wnrmy7bqqc0zyfj7zy4jqpz7xzvwvx0988mj4rw382c29bxj5rchy5r2pyrmbbjknp33bsxt886t0fvzy4a83grcmm58h7we48fwq69vkkqrdn6yz8y0aqc7n3vymmyyex2np8qvbd4990vwacxm6mj9g1fh8ffn680n4zgj4trc4bnm9gdaezf370ttj4dh4qpbwzh7xcvqebwac6t6k6k3qrdytg1b1kzwfzmx8gfs90w96gwxswrh03eyms84mrmwr94shvsca1mhct0gpe4qe6c5fsh7hr5fb2m7zaw1wztb620&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%26client%3Dca-pub-2108338005955045%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784a0d1c29c8912e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 832C 0
150 B 34ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=69065900021213600951399012195005&a=65098ee1&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=69065900021213600951399012195005&a=1f1e9567
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=69065900021213600951399012195005&a=1f1e9567
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 832C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
215 B 727ms
171ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oTnvJ,pingTime:-2,time:466,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:652,beZ:654,mfA:979,cmA:980,inA:980,inZ:984,prA:984,prZ:994,si:1001,poA:1001,bl:1015,poZ:1015,cmZ:1015,mfZ:1015,loA:1052,loZ:1055,ltA:1117,ltZ:1117,mdA:654,mdZ:694,idA:1015,idZ:1056%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:348%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:466,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:347,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:349,sinceFw:116,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D56 0
0 155ms
77ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyLWjiDNCcQ3pBqUXkBj4-JW71XPpce0fVLCCtF_AMfhznMibVOrHsKKRfNLdXkyC9qpJX9d4l_wnqyJw3NYRsU7rr1q3rjlCX5Xn3N70-aZ3kZha-yYJlGUT4_zfurk-4mA2Qa2wkJH-viX2EU5e4aWwAVj4K5V7C4my9NN1HmlDk0fQaPxu9VO7Se53j11tpSWFPbwWhV9gQ9d7LPtDKnMkWVKDnSRr96tu1TiPtGeumOvNcpdjJfGzNPy104t7qMqsnVtVy9ivK416bKjhBgV27wh9Nf5PRPCcjB88okbMsk-5bF4ARNwK620bl_6NTN1-MRI07_xZTtDC1NJUMMqHayCpekCJN1OnrOKwiMKY5__vwhg6cyOgDcy98-t4eo7pNQtoCgZ0hT-vCSlzLIuhJmY4fuNSQiZd5RAJiwuUbzxLgpDe5qsDvSju01LJ9s24k-Zgito_ReezBjkMZOzXGyVEXrbiajjW8FnjlHJMRmkvDnhVeym8fM0jYZMm97KcHRTZ7MoOUgUcmWrylatDGqCyPCmGaOuIZYzxhEBqdmbIirdbzMAydpH984Q8_dGwfvH3v8XsLbvOvC8hMpoGE5DHOrv6foVY6G3U35TrDf6qiavHBdkcacpvDfnuaTjwQxLFeUU98LcUHKzNeIZiczFIpSvtd2B89n29wI1qtZNxCN1ErREhmQUrJWJICQ4fspWL95NqEOR1MjNh73CGgNtF_Mjh1YqcUcH1ckLpc1-tokX3JNf973pFxGc0EW7qdxKR0SilawFfhM2bTaR5wMQi6s8VRM5BkGQBjMuz3gTJ8VxIirfZ6ToOHFArXh5I67A5nAcNnzPkm0oaktmsu_JN_mjtZoYNqtd6ar1wXSn5iCakyREncpcu1oA8Iqh8TLv3VOCzRvp20UjuCOcqjVqvLKWq-wBQ7jRVieSIZBk9ybNE-mF9SyJtUmMzIpJoXju5Bzq0OK0DXssMzUkycYgv6hbzknmVlOMVR5SDTSt-Fu_--ARoT0pWA68XxFpvZRvfQFQgwySp7I0CabBzfnKHDQDEbNCqrD4iX5zFSCGlzHpntrACb1CgIhO7a8mN5XqYpm_Nxrc8LvH0YeLqGV3-mHWoS08YF4WvK30WVz7IzMk6WGV7Rrxx97qq56CAePRP8p7zWrTR4otyJiLTnx6Nfz9HMJEbIoJQV1w5x03-nuRQuXA4gEn4tqOhUvVGXQY1N_RVk8-EcqH2qVm5o7sVoIOQUjcpBlcByvzlEJ1aihYDh0BOPaAJRM5IiPKx1Cd2rT2NWch3z1PvenjY4ktvpgxIuBawLFo8Ub8PkvqUYjA&sai=AMfl-YR3zAQEkRO1tSagEFCK-icqIaxyIxQ5B1jlKtDwPI9dLb2UCrUGZ5PIvR2u_d3UmghdP-7PwOh8Jgj13Adh8kfVdJ_w5KtAOr6BxUGLoiZcu4pHKLa7HdhjIWBfE1RmKke54kumhOUDG7uQgocSjId-phTn0Y-6ppIFO3KyIrDlQz_RhtAEd_gXZ_35bLTxsGP9uE2tWqCuIV6_frLt0EBHwrD7tOOpoGqnCCRgf8UxjvL-h4AOj5Ey-PaY5XPkknHzHv5hpek&sig=Cg0ArKJSzB69lmchEyd6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=879&vt=11&dtpt=417&dett=3&cstd=453&cisv=r20230103.27137&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:30 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DDB 36 KB
16 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 8719 89 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753795
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdDhw%2BZ6m1kKel%2B4ntSIhMUr%2F%2FIQZqL1unmXWUvSRsYosfZD00iqyQIEggGezf%2BnF%2FBhaBWW25umYr6m4QuaWIp6yuMOr24LyTdXl6s%2B%2FjYaL5Qc4vXRXN6JQ19dgAsGtsuqKHFfq3o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d1c9a47912e-FRA
expires: Thu, 05 Jan 2023 07:10:30 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 8719 127 KB
128 KB 41ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2117091
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A97X7Zt1K%2FdVYZyhX7rxZbPMNhHocoqhAXHQD1s5ExxyqCmCwa2PVTLZVZj7mhiKxRcommTbAizhJmO7gUJk2dGSt4IXhQ%2FRljexVuFvZsaNUWWlb3f%2BuvqsSU241cvt0UcmBNoUOfdbD0Bh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1ca8b491ff-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 8719 461 KB
461 KB 56ms
55ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901393
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuV5c9jES0Fwh0KgprxSx98uhqAMcOJqt7gxtGFMMFwv6lVooRgEa4zsAUuYoiwfh1nbbv04sC9CAvY9WxlpkCBvp2KaklkZ1aVfkjiZUU9C9Hi8Y9mHFQst8tR6QQ2QsLpVsIMRSU%2FOuyre"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cca98912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame 8719 63 KB
63 KB 98ms
97ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 556615
cf-polished: origFmt=png, origSize=89638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64408
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 May 2020 12:20:14 GMT
server: cloudflare
etag: "5260549f152cd629e826b547dd714c3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID%2B7kozRarFb0biCZTiBTeyLplo1lxGT4bLOhQ1efCv2suQpjlSaP1NDDzXigkJawk%2FRNKOS7HNdORQxHSCUYdvRu7TIPZmIRjoNPMOV4z%2FEaSAEkq0Yimd%2BPqJf91E8fJPNST789aJK8YU%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cca9a912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame 8719 29 KB
29 KB 25ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981761
cf-polished: qual=85, origFmt=jpeg, origSize=68718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29350
cf-bgj: imgq:85,h2pri
last-modified: Wed, 18 Mar 2020 10:20:14 GMT
server: cloudflare
etag: "3608be436fa33cfe8447c6f429d36a9d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6scKzfC78f%2BHeXSL9DxnUgh7DfU%2BjRyq9yGccWJvi1Rij8vrHW379QNlK7y2PZ1ZI4xTzSjJlqq3HlTg8wo4zCkMNEUWdMP%2B1YcmzS7D%2F1dUANvB0H7Rg5T99sWKoBzE%2B1TPnSFmZfCBtKSZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cca9b912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 8719 53 KB
54 KB 17ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1065592
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmgGzqL2HWMPb4PqQTyNorWN8VzCs46EQ2HwxRmYbGAdIsPchEdJgloCTza3Po379n6%2FNyPPuD1fC4QVsuTWaNYGQVGHIq1Vsybg66jLfPF3tc68EfZFutQwO%2FCUUcW8Tn%2B%2Beby%2BpQN7TP6w"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cca9d912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 8719 193 KB
193 KB 27ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1598785
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPOQ%2FLfNi27DaHleqRZ%2BLzAbsBgk%2BnNrzr2LANL%2BcpTwaQnqGkw17cvQyBXR7uFN3aHCDVitayjBl%2B04CgLfH7U46%2BXXRYWXkI0g8Mt053y0%2BHMp8j91bh4KAgI1uu9meDfDbKfZErN9sa6K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cca9e912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 4E35 89 KB
11 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753795
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7v7bbvDw%2FDriAf4Ea4gWifVkBBavg9eQ5GQFJQSZaPQDKJ%2FfQNDTIcVWPcjZBSBAqMcHqdglMYIwP7GzZIg%2BJT9aoQjAfKUk66PbC3lK0WAUGjP6lU%2BWnG1K2IJUOr%2FguoyO1DyJKQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d1caa61912e-FRA
expires: Thu, 05 Jan 2023 07:10:30 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 4E35 127 KB
128 KB 22ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2117091
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiYArLxnCU%2FWrcy8pxG5trKMnuHSExEHWY760rowq0e8MmedUJszrngKUX7xE%2BKUFtywB9F%2BQoYL8ayn9UEXaabMf3XnA2pWuROrAn3NkhaZarSzVEoM8YuxKaKncXCVRWj9EVkkwvti0%2BYl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1ca8b291ff-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 4E35 461 KB
461 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901393
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii3Vk4omf9QjZ9FvbikcZ1p4YEIXmc6LIijVb%2FY48aZcaa5bxHKqx4gQWKzn%2B4cwgKPBKWQ%2Bg7vMfyHZLrc6z7EcdetmyLL87V1zJJ34jqAzxGrBW6%2BK8NKTQWH1NhrTrrKMyZo0%2BOfEy3rx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdaa1912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame 4E35 63 KB
63 KB 90ms
86ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 556615
cf-polished: origFmt=png, origSize=89638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64408
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 May 2020 12:20:14 GMT
server: cloudflare
etag: "5260549f152cd629e826b547dd714c3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HplJ45nVuHtdCnz7Pqf6KPWXXKa9xYcDdJiWJBb88fzbn%2BEq7UUb6Xha1MkFUB7gEZOfu7Sg8ic3%2BZ6b1UGKuPJbHoDpdqZRp8Z8gV2BEDtlbTKTXahap%2BJFcTAnAf3BT22niXNEUeK2A0uU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdabb912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame 4E35 29 KB
29 KB 71ms
67ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981761
cf-polished: qual=85, origFmt=jpeg, origSize=68718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29350
cf-bgj: imgq:85,h2pri
last-modified: Wed, 18 Mar 2020 10:20:14 GMT
server: cloudflare
etag: "3608be436fa33cfe8447c6f429d36a9d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwWwHyb68WuuPUd55K8MoHo%2FoC6hqq1Y3jsuuMbXBlh5GoHKIxozRbxs9y8Mq%2BnDo6cGlKXb%2B8I7w5eiIgtGv%2BLV24vjoNCkh%2BTbnUJ6ClozH9Pi1YoPfvfNKUZROFF4LKo29RxVThEJiFBo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdabe912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 4E35 53 KB
54 KB 83ms
78ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1065592
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miV3uVO5bJ0x3dIlsD90ZjC5UtVOo6oQe8ql8Fw%2BxSZpEYhDITDGC3Q2J39HCVlC5JjMLNeJ%2B7TpRwimfr1oljfdUv3p12bQTjmyiT5Fx6mdGcMo6EZE6kkJLfNVjneQsxXPB%2FCxokAEGnPy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac0912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 4E35 193 KB
193 KB 85ms
81ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1598785
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ5ocjM1pDI55H1BHwuHH8rqYqDQPeAOMJxLBGG9MjxIIpCrA4dGRVoeFPBzwTPkMrPngkuOC8fI8cci2h5MiLcLIWcNcX9MvsRwsAlLgPPoWu8H2dAI9%2BScBvOnB3QQZkw5Yeil%2FA198s1K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac1912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame A29E 89 KB
11 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 753795
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCCzEolfnE58Mj57LqAEKdbLdbi1CBepd2Waj9x%2FAF8AvlByvv%2FtSbd3AWQ1A1IQb2P7mcG40E1n1yZ2As4WqcnewtXGfBm8tMa8bIMvbVFgV2GlJ9%2FlWmDzFAtNq78%2BZtW%2FpBGleHI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 784a0d1caa6d912e-FRA
expires: Thu, 05 Jan 2023 07:10:30 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame A29E 127 KB
128 KB 25ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2117091
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYNrz%2BDrBQXHDlFva8teG0w3TptuDwA2r1waBxtClX%2FEeLTD0ywzOnxZYrK560pbwxydDbk4NNq6Miymk5cx%2BXAxZESoS6WlCjgm6lQGFuMhPq7U6%2F3N7XpmQaCTXR5I9YnP%2FhpoaUDUV7U%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1ca8b591ff-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame A29E 461 KB
461 KB 28ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901393
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8y1L8EsK4rHjIM12swFqMfbn07w%2FAquiwRagWlrCkNnUcOS6nQzC2qjTNB%2FBaRtPO7RShembsnOsaLYXJ3Fx5Y0NFKbzG%2B2Alfn75JsYqhtgwAiReBzAZyODR5Ay4hUkq2lCZM69L5FYIuF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac2912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame A29E 63 KB
63 KB 111ms
107ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 556615
cf-polished: origFmt=png, origSize=89638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64408
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 May 2020 12:20:14 GMT
server: cloudflare
etag: "5260549f152cd629e826b547dd714c3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYSUUSiRuSaLaIlJ3JbryVmGwULrnO%2FESEEXIjIljS%2BIaxI%2Fq3reiuPPOWNd%2F1sZI5z1j4I3ZLW6nwkDoGEKugCUmQDgKgBpNgkdHhvM2H6Hf1xJGqcKfmqohqhic8ke3emu6l%2Fap9nxbbg%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac4912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame A29E 29 KB
29 KB 119ms
115ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981761
cf-polished: qual=85, origFmt=jpeg, origSize=68718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29350
cf-bgj: imgq:85,h2pri
last-modified: Wed, 18 Mar 2020 10:20:14 GMT
server: cloudflare
etag: "3608be436fa33cfe8447c6f429d36a9d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsSc3E8HGYPHx4nHDmJDfNds8NJNcF8O1thBDiZyheWnY64gPOAFhPQZRNcRkmx1rsg9wabEQQoOF%2FvwFVZ1mC3XfPaMMICYPu7WTbaCveqdZbd48%2FcxIdalAqHQH1qpUtX0HMRmSZXRtiR3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac6912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame A29E 53 KB
54 KB 119ms
115ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1065592
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkPwfCdledvOjJdsG1l1%2Bbpkr57Btk0SAk%2Bs2X0bgvUBiAumduyGAs%2Bgex2%2BedOrYv7BReNbUv0qH6sl0Bv97zHiA2wh2DZKhL0Gna6r%2FPaM4CkYuMcVfrKZvfF1VpzwxeJOvQwyOtv3CLtG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac7912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame A29E 193 KB
193 KB 121ms
117ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1598785
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivlMVpXtq93hhAnTwUAnskgcq10XPoMVdHgthdx4FRjCBzQ%2BYbQcqJpKDd1vBVL0gncGNCkQGwQ%2B%2BBhi36wV7To9rIuMiGWZnoz656yQ3obYa34yHPJndkjVyX3RkhXvKkE%2BV9mFXeDc90zx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 784a0d1cdac8912e-FRA
expires: Fri, 06 Jan 2023 06:10:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBGg8GgZhpkNaU6R1rA2N3Y&google_cver=1&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5XBds4plvAIaMFmJZKC1MWTV8ClPkJBS7lQ7N7r2gsfsA&google_hm=R5lDdlsBQ0...

170 B
188 B

76ms
74ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5XBds4plvAIaMFmJZKC1MWTV8ClPkJBS7lQ7N7r2gsfsA&google_hm=R5lDdlsBQ001Rb6aefR2AQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0OiSYXPpeQDy1G02zKxFeYGBjcqeczU4noG35zijTux112EwDAVj5XBds4plvAIaMFmJZKC1MWTV8ClPkJBS7lQ7N7r2gsfsA&google_hm=R5lDdlsBQ001Rb6aefR2AQ
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2F1A 0
104 B 92ms
29ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIu5llbVla8CuDAMk5fHdcM&google_cver=1&google_push=AavPq0MtnOW0vWia-CQ79X8bhxZdNkpvUuEutfp391pZB6tkun6BiVBv3BRVBwvNH-fI_d7c8WW-NTUuG56KyPMZYPEZ6TCW1ndwBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGponh44OgVUOwr1dgcvdpc&google_cver=1&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45y...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QkRjtmnVSwG3Q5Tad24YNQ&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45yUujbDiTd...

170 B
188 B

68ms
63ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QkRjtmnVSwG3Q5Tad24YNQ&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45yUujbDiTd74aASk4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:30 GMT
Server: MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QkRjtmnVSwG3Q5Tad24YNQ&google_push=AavPq0OvuceYORgDCwCL8v7yhYKCXdOaLP30Nt0_uwgL4mIOrzo9cosSBZdsB8mHpqo95HycrmYZBgj9a4zCp45yUujbDiTd74aASk4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 05 Jan 2023 06:10:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECkjkIOlK3t81OhPqmj_uM0&google_cver=1&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC8Lggha9el735vL7nTnc

170 B
188 B

76ms
74ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC8Lggha9el735vL7nTnc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0M2Nt8DAqu3qzkSUIr-RlVj98JTKRqrYq_aXlwN7MJhB4bbmCCqM4m7PM1XJ8Wxqs-P3uSUH0BavmYC8Lggha9el735vL7nTnc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-703f0125-16b4-41cc-8d8c-314cac1ca49f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MPX45X5tATwvPjeiuk4...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&google_hm=A3A_ASUWtEHMjYwxTKwcpJ8

170 B
188 B

64ms
63ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&google_hm=A3A_ASUWtEHMjYwxTKwcpJ8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MPX45X5tATwvPjeiuk4VOoGpdkywZFed5OcinwNZW3lZWiDCXsjZTg7pSzKAVsPMqClpRLJerxa_G_fkDnHz1_n6LBun7z0w&google_hm=A3A_ASUWtEHMjYwxTKwcpJ8
date: Thu, 05 Jan 2023 06:10:30 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX703f012516b441cc8d8c314cac1ca49f003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJqT2PwUoWeklEFbJ5_62zY&google_cver=1&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-S...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1NjIyMzY5OTIyOTkzMDIxMzUxOQ%3D%3D&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP...

170 B
188 B

68ms
65ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1NjIyMzY5OTIyOTkzMDIxMzUxOQ%3D%3D&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-SdENk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM1NjIyMzY5OTIyOTkzMDIxMzUxOQ%3D%3D&google_push=AavPq0NAiZfdjPBArtkYGb1bmQNmdIymlM0b6BKGBIE64Hyp9Pl_ARjP6xzWm_ib4wzZZhqS2q9NKLPzOeQS6aCLjXzqxp1-q-SdENk
date: Thu, 05 Jan 2023 06:10:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F1A
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCt...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCtZmy8xR1I3vugQRLnr...

170 B
188 B

76ms
74ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCtZmy8xR1I3vugQRLnrNU_a_VitqBN2Z1sFDBH46NOYAXqBo5vnDqC2vIP50KIMD6Y1lkAByr-wMkYLlAO_XCVZuL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0cceeb1f-9e57-4ba9-99e0-b69da8196f01
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNzE1MjIxMzk2NTc4NTczOA%3D%3D&google_gid=CAESEBQH-qvTuiH5nWuh8UA4FwA&google_cver=1&google_push=AavPq0NQNPS6aceCtZmy8xR1I3vugQRLnrNU_a_VitqBN2Z1sFDBH46NOYAXqBo5vnDqC2vIP50KIMD6Y1lkAByr-wMkYLlAO_XCVZuL
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2F1A 0
12 B 64ms
63ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzJzF62L-2Si4-5B6Bkekc8KY2UynJXxTvppE5ovAvACvnJgI9qzx8CWJyybEIvzO-Pf7ISg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=2556755939&pi=t.aa~a.412089228~rp.1&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=2&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280%2C306x250%2C306x250&nras=5&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=U3iM7FLFov&p=https%3A//rivnepost.rv.ua&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8719 1 KB
2 KB 174ms
86ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k9r448cccqzb647m9sf9f3dq9rav2689f9dsw0k1b3kpk49e6gxqe5x5w9h8s11m1dk975cg8f06qvsbw7fmycngsserkjr4qyht64a18m9tfnfbcec7s096va2wxp6h4f5p77zzt9w1b64t7f3g75ybtp46xn0pdn4nfsq9mf0c4xmbtyr7x1ajhs1cjp5hkn35t14vq35cnz2z1zdarbvtscakybdf9mpfm381pmz1f1my6vc82zf5bsbsc3js0z2e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 083626efb0ed1b8fe679bab05e950a25f5f9a01ca043e9cc7faa1ec545e0d7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4E35 1 KB
2 KB 161ms
75ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5k4kfywwyzbtxe6yptqpja14te6t7mkc4qxar8g3rpxc94wpt5yf8x78hwj8kmzqwa09xa79k0vckj2afwsnxykc2d3msezshsqhqdr595zahtg6rrtd386dry0vv6arcksqpn026z8gv9s3pkkvyt8c2mvvzxvsy6ygqf1kd9takv3j3j3bnbdq7zc81smrdcdz6422m1cgyjt1jccbcqzjkf2kj30ejy4e66k8cqwv75b5wxxcjxh25tccp0c240%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2b0a62fe7c65cd47427466599641bf48bb48b665a8407955dc822bc789d785f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame B713 2 KB
806 B 48ms
47ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 778
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 14:38:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:15:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B713 7 KB
6 KB 90ms
87ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d1b2247bb88c939f2c0f06d2e233910026ca6b2672019073a6411edd15d05a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5671
x-xss-protection: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame A29E 1 KB
2 KB 138ms
64ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hk6pbct65y6574snvqv5km715hfszebmkcwmbgajjy8xchbby03sqekabaagfr325mbte19bhvkd2a19j70f9f5ssf9e142td673nd22rddc3g7smf4m7ztrq3qmsb1kzqe88rnkfdyk6xq03rjbmcme32rpbnv5ekspjjkgbt6t17mr1rpt4tzkc8pvarxnk5f97fnd100d7pv5wb42a0s2p4p2wkp69tgkk7f4df6tyfsjzxfagwhet8dy3v37qgry%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ef89c8a8d9289f4875e4f2a7009bae5f2b2d30e234bc9714c61c660e31539e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8719 1 KB
2 KB 139ms
65ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gbagvyfzrzxdqgeynbphr4na1jtgrxw60d8ssexa5c0v7nak4eapey27mw42jndchd131vwfrk6x1x2fp7wt0ravgw4s0zbzf4m0840j9hc8e9jvyamkw2p9s7pw1jtef09284jcfbmb4e1h0syxhy8h59c2hpvg5cfbepv4pt6psjap1wfy8v0jsv6t6tee3smcfwkqw79xmrthrew6abef71p5hgpbj467f9rmxxt0wvd4b3pq3re2fpq82pww27g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6ff0a0be3f85bb013b83e19c0f2df2eed078f5d793aea3b52756241f40167f64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8719 2 KB
2 KB 155ms
82ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kjr8gv4p7t724hhtxe9bh4nvaqkqh61yka4dq03bja9vpftt108f51z8pb99pvbcq8gn4sg0c26b63gq2rr74qxsha9qaqyhenfxx69xgsrw78cv03at1fe1d85dwyexerf8a16d35k7sqrmnr73mv38a5fk673zwek8er2tn0zwd3exxf82m09hrz6p8q5genm273hw68gz3p9gp2ac20d36j6gqht763pv1579q5swyedz6q0n6504b1rxre3mzh6yn0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=911258341b771ca57f587034a072f50e%2F11682090906276546630&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030360&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 8dcaf7a4c3893a3070bb24560f270501ea9471e592ef21805676bb81e7a67336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4E35 1 KB
2 KB 125ms
55ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grjg367dqgfmcy3yjff53kk6kw8qgabjyrph8mrybvzc2r9kzdjya3t2hccn70p41dkp4jdz60r80zcxydvgwefnjfvbsf1vf29kvwk0yd54ndfa099mqqgncr5e4k24qjndy0awve2bh6saqpc5j1zkdanr358vtjny457w8h02k0vt9nnf4kc2eempa7p1a8azzcdz3ydxmxg956fh5pa26fyzdspsgxfc32avje2mwrp47m3t3c6zjmamytx1m%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5262b2207361e3ab170bf6fd23356e1a82d121e4ce88b4d97f244275bae52d20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4E35 2 KB
2 KB 144ms
75ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g18gx511yfpk9sh8z0ez1kd68pzzh3hy7sn2my0syhh39p78z25hqqksgq3shsq43jtwbx3dqnckf8bt7teqqa15czme04be9gh705x3kf8x3rne1bznxbegfhj6knkyajxr61kb8z3ej9wv9e2ry9t4yx2e6hy4kmxff3prtxjmmh1anvf98j01zqmqcyrcm3fy8ckf5ad210bxf4br2qzdkj3yp6qw5wqhhnyc4egcb0p47psg2n16g1yk8npv2kwa%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 82f448a9bf0891a4f62982f74a704262754233ee4ee577f8386b7b839f263868

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A29E 1 KB
2 KB 137ms
81ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k2mjh7c0v9e0w6jg38rcyhg00f8grevd7z4h27nden3278sqcxnnqpzk3kyacrcjdcjda14ph9wjse931k293w0qg72ydaaswxw4w0rhtnyekr8p5znvw4d0dpm2r8kb2dyy0p96kfa7xpbmd4esh8c4vhj60dqeb0b8qqx4cw95wafwgbek2b9msf8c5emybvp8s1g8b31cy6743yecy0mdm8f6xw06975ht0zvyetg2dd4pzz35s8534t0pw54n50%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1918512b4045c73afb94f9727b671d53cb5e954bb6502b6c0b94e7aeee2c923a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A29E 2 KB
2 KB 143ms
87ms Script
text/html 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kbjwqj50tmyn1h1jzvz8rcbcc8mtv1ssbtebqcywr9q6egkcq4tb1q9e39sxtzc0r7stg8d77qbdfmdw9brssrdfw5sm29zat0ttq1zmp2gp0tej30cv8vkmmb3bkr5xda4h9f3jwcnyapmq7fs06795epsyb8eqxn1r1hgyd4s055emk66gf91mqqg3thxb8x747rjdyfy0aqh6x67jjn2fjs43vz8qn9ph3qnxgbcsem6z7vvmvwaqjhq9912492hvqr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 21c810b143f9940a3551baf3c1b965a353361499146ea54f5a53c5e66599e8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B713 17 KB
6 KB 110ms
110ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
215 B 548ms
171ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oTnyC,time:645,type:e,im:%7Bpci:%7Btdr:126%7D,pWait:20%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:645,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:347,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B315~0%5D,as:%5B315~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:349,sis:496%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4E35 85 KB
31 KB 76ms
21ms Script
application/javascript 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grjg367dqgfmcy3yjff53kk6kw8qgabjyrph8mrybvzc2r9kzdjya3t2hccn70p41dkp4jdz60r80zcxydvgwefnjfvbsf1vf29kvwk0yd54ndfa099mqqgncr5e4k24qjndy0awve2bh6saqpc5j1zkdanr358vtjny457w8h02k0vt9nnf4kc2eempa7p1a8azzcdz3ydxmxg956fh5pa26fyzdspsgxfc32avje2mwrp47m3t3c6zjmamytx1m%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-100.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 17:40:52 GMT
content-encoding: gzip
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 44978
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dGnrRkKJ6pUf6Xl8xHtP8CGU5XOftZ5A2f9Ae9zHBGoRs4rCEQgC6g==

GET
H2 200 link.html
track.webgains.com/ Frame 4E35 3 KB
3 KB 57ms
54ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A29E 85 KB
31 KB 81ms
37ms Script
application/javascript 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hk6pbct65y6574snvqv5km715hfszebmkcwmbgajjy8xchbby03sqekabaagfr325mbte19bhvkd2a19j70f9f5ssf9e142td673nd22rddc3g7smf4m7ztrq3qmsb1kzqe88rnkfdyk6xq03rjbmcme32rpbnv5ekspjjkgbt6t17mr1rpt4tzkc8pvarxnk5f97fnd100d7pv5wb42a0s2p4p2wkp69tgkk7f4df6tyfsjzxfagwhet8dy3v37qgry%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-100.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 17:40:52 GMT
content-encoding: gzip
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 44978
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UHmndkWTakF0L5xKOdoij3UQmeef9kAeCReqY1gU1WtRtEeQfPgziw==

GET
H2 200 link.html
track.webgains.com/ Frame A29E 48 KB
49 KB 75ms
72ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=7e70cea77ccb78b2619f4792d289fcde%2F14748347831832224647&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8719 85 KB
31 KB 85ms
42ms Script
application/javascript 18.66.15.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gbagvyfzrzxdqgeynbphr4na1jtgrxw60d8ssexa5c0v7nak4eapey27mw42jndchd131vwfrk6x1x2fp7wt0ravgw4s0zbzf4m0840j9hc8e9jvyamkw2p9s7pw1jtef09284jcfbmb4e1h0syxhy8h59c2hpvg5cfbepv4pt6psjap1wfy8v0jsv6t6tee3smcfwkqw79xmrthrew6abef71p5hgpbj467f9rmxxt0wvd4b3pq3re2fpq82pww27g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-100.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 17:40:52 GMT
content-encoding: gzip
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 44978
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: YPk0b5XBI08U5-kGooxA_047anLMyEILcfui8QHAnKLdR9lr4lIPNQ==

GET
H2 200 link.html
track.webgains.com/ Frame 8719 3 KB
3 KB 70ms
68ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gbagvyfzrzxdqgeynbphr4na1jtgrxw60d8ssexa5c0v7nak4eapey27mw42jndchd131vwfrk6x1x2fp7wt0ravgw4s0zbzf4m0840j9hc8e9jvyamkw2p9s7pw1jtef09284jcfbmb4e1h0syxhy8h59c2hpvg5cfbepv4pt6psjap1wfy8v0jsv6t6tee3smcfwkqw79xmrthrew6abef71p5hgpbj467f9rmxxt0wvd4b3pq3re2fpq82pww27g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H3 200 dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368
adservice.google.com/ddm/fls/z/ Frame 4653 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKm-08Pir_wCFUjgsgodIVgO4A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5978187063798.368?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 4E35 2 KB
3 KB 75ms
21ms Image
image/jpeg 18.66.15.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672899330&Signature=WLL8vEPXOleSh1TiizoAlTuH20kRj7TMcVyeX1b9ui4VG~frhStdOM2lZHYJpZ5Mn-deDe66fJVMBputEV7~j7lni~vkrk0eHDnBeW-LApOXedBRxh~pjNg-eTa2tWDV3ZxTa1cGYdZVHe1rTk3l--Vut2OrWaEDLWdxs1tR2WR-jRM5BjmyGAxZ-1IYT9DtmVfxZiPvbfwa2GRB4pTsPEgKRJcwP8oj0NkLUTLocvEwc1Kl6Erqr3Pi5l5EIE3MQ9LRn2iMEbfusNi0GhrJcU1yzfsdi0DgBgZXcoLnhcrHwQwj4YkbnypE2AprlsNzK0Y5KTkr98xFnXWkDtemmg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=250&e=&g=6e85db8971ea332ab2dbd7d4fe121694%2F8954316279007489624&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672899030364&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%2526client%253Dca-pub-2108338005955045%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-61.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 04 Jan 2023 18:55:14 GMT
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 57903
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: z1EQkjD8yX8pgJ2WczIiB7cDUNVmR41yLC0VnpcEb0gF9hGI5-C2CA==

GET
H2 200 link.html
track.webgains.com/ Frame 4E35 48 KB
49 KB 76ms
75ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5k4kfywwyzbtxe6yptqpja14te6t7mkc4qxar8g3rpxc94wpt5yf8x78hwj8kmzqwa09xa79k0vckj2afwsnxykc2d3msezshsqhqdr595zahtg6rrtd386dry0vv6arcksqpn026z8gv9s3pkkvyt8c2mvvzxvsy6ygqf1kd9takv3j3j3bnbdq7zc81smrdcdz6422m1cgyjt1jccbcqzjkf2kj30ejy4e66k8cqwv75b5wxxcjxh25tccp0c240%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0hhjephsbzpwk8gs5sjmvr13a16ytrer7qdpty80gf7etdvn3ez8rcj3984q0s7bsw60cqggahcbxjzfx6jnv0gk1942f03mmjnyrjdtpdw3nzp2dekygk06syhsys9f4w41jphvkqxt4fyp7adsj11q0ddehkpjk0zg6k1zry7bpsmyt5vf65p6fq2vtrvaqfznms2nyafy5hcf35s5hb6fwxhrzhr5h9wtg9162wx88w20c28cbp7b8yzxdnq3fvvx1y1fgcrghtd2fv2skjjr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCweDf1Wm2Y46KA7yl9u8PwuaL4AWQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0KzqSSXWwtl4DDBocNaTdFMYxnfL1p9080YGnoyEeKxw6u6pB5C70435S85E3AadN7ILbe566n67StGB9_LEbqpqRjZ2BSOo8k1Ux_LFIrR2md7NuOwL3iI-DtYXDNDeU-casTmAHCYRBqD33FbVvN1H-clo6dxGTyheKGVZyNSmWX7zFBQZj_Xl-MKapqmn20X3eJJ0ts4pmdOrWWq6ppDS-tGlt1l13WrKOiQYhNvXbAuTHwmchS1UzuUjsShW2xx8jU6QKVRazgGeP4Y2U56Fyyrk5HVWeKV0pAhuXevI2bVp67-ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0RIMROVFqFfxavn4kp-LQRIdXiiQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DDB 0
25 B 83ms
83ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B36Dn1Wm2Y_-_GM2m3gOmt4S4DwAAAAA4AeAEAg&bg=!UVKlUhbNAAYDMoyoIzI7ACkAdvg8WrteY12EA_Xlt1JE98OSK37DKovT2ZK32zKNWYLW147-Rtkd9AIAAAB-UgAAAARoAQeZAvSklgBAeb1-w4pFvQZzxgxLyCWBsJblll8hNQTwNZuz25LdWAoRKmNBCvzVHV49imNEgXlja8cWib6ZL8VdDOoEx5ESnk9_taBYNcOKZ0WwSDJsgvBxQ76Sxef_Gds60y87gv63W-QUHodcATDBYT1Augc_z05UFTRBEDw09MTuTvLuTbs8ppibzdO3F8-Gi857OoM0xV3l3PZgrsjhDd6d7G5UfasjMZh7DBcf5ubTE9IFOzHLlNWcM-00X-7U61uiXezrFHcU2L0nSxKoZ1lUmqrTNy0eFPmHGuA6-AsPvXSTdmE2z9xPoLMvpJkWiFOC0fO4-QYBc9E_Pnhr2kWqpImL5-2kWMkgA4nzIi4bpJ8Wh-tL7MxB5tcA0l-Tfks-VI6TpFIFObB5Sc_ehnR-KAwO-HU8YRmw85xOP2yCh8z6-d6FS-fswGVHNx5jqF5v7t6BFP2rxqq5Xacok58upKaS6ITeIGQcixvSe21qZ-wy_Fu4ASDBq0LvyFDFGRWOjruW-xXDk6QSEgdRWP2tj4CZd2pVDRTb8aS-ZcxEhvk_9yy7pNOqj3CgVcEIQ5sV6hqQJAva9nDpkI5fCEu33f-T5EAEMJple8Bz66PpGmmQh6RbauQ4l3bGfqzY1Fnp_gGxWA6aziz3YN-8knfKhUINXOauWcdzD-gn-X9a_O_wE3Z7HQUgxrOH8PtlAskRb-RXc5BLJOkj2yPEeKd-0Oo3giqt5mtAuMm_-Afp56vbIfe7jcF-yX-3V3-RJoZ6TO8nohIYkPSgTwi2QiaIGAigEMENrScm7haCJs19pmLbbJv4g48w8xrv1DMKJkzSKqqFKSo6JeXhSegpG3msYNHNFnOA_u1nBzU1KzkuXbzKHOHwH2HMwOArriz-NGYlFTM1S0thib-4vMEy341biiQj_trN4mTpvJfnwsxlLL2i18P3HOtHilzTcSvBL-3DtTned2M2K_NloYZVi4gwwxuA3Fw06n1RnLSupYbC2ZDM_Zo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html
track.webgains.com/ Frame A29E 3 KB
3 KB 60ms
60ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k2mjh7c0v9e0w6jg38rcyhg00f8grevd7z4h27nden3278sqcxnnqpzk3kyacrcjdcjda14ph9wjse931k293w0qg72ydaaswxw4w0rhtnyekr8p5znvw4d0dpm2r8kb2dyy0p96kfa7xpbmd4esh8c4vhj60dqeb0b8qqx4cw95wafwgbek2b9msf8c5emybvp8s1g8b31cy6743yecy0mdm8f6xw06975ht0zvyetg2dd4pzz35s8534t0pw54n50%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 8719 2 KB
3 KB 57ms
22ms Image
image/jpeg 18.66.15.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672899330&Signature=WLL8vEPXOleSh1TiizoAlTuH20kRj7TMcVyeX1b9ui4VG~frhStdOM2lZHYJpZ5Mn-deDe66fJVMBputEV7~j7lni~vkrk0eHDnBeW-LApOXedBRxh~pjNg-eTa2tWDV3ZxTa1cGYdZVHe1rTk3l--Vut2OrWaEDLWdxs1tR2WR-jRM5BjmyGAxZ-1IYT9DtmVfxZiPvbfwa2GRB4pTsPEgKRJcwP8oj0NkLUTLocvEwc1Kl6Erqr3Pi5l5EIE3MQ9LRn2iMEbfusNi0GhrJcU1yzfsdi0DgBgZXcoLnhcrHwQwj4YkbnypE2AprlsNzK0Y5KTkr98xFnXWkDtemmg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kjr8gv4p7t724hhtxe9bh4nvaqkqh61yka4dq03bja9vpftt108f51z8pb99pvbcq8gn4sg0c26b63gq2rr74qxsha9qaqyhenfxx69xgsrw78cv03at1fe1d85dwyexerf8a16d35k7sqrmnr73mv38a5fk673zwek8er2tn0zwd3exxf82m09hrz6p8q5genm273hw68gz3p9gp2ac20d36j6gqht763pv1579q5swyedz6q0n6504b1rxre3mzh6yn0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-61.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 04 Jan 2023 18:55:14 GMT
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 57903
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: w8onYlBlb9EXEn1fhcIuTpocYoQFPWZ34KteChTpRvxkKIIwAOqiqQ==

GET
H2 200 link.html
track.webgains.com/ Frame 8719 48 KB
49 KB 73ms
72ms Image
image/gif 18.168.49.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k9r448cccqzb647m9sf9f3dq9rav2689f9dsw0k1b3kpk49e6gxqe5x5w9h8s11m1dk975cg8f06qvsbw7fmycngsserkjr4qyht64a18m9tfnfbcec7s096va2wxp6h4f5p77zzt9w1b64t7f3g75ybtp46xn0pdn4nfsq9mf0c4xmbtyr7x1ajhs1cjp5hkn35t14vq35cnz2z1zdarbvtscakybdf9mpfm381pmz1f1my6vc82zf5bsbsc3js0z2e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jsv7w658aam3dwyk6f5fdvkzpnmc5bvdnzjqrnjkt3g7sjbgvez2v6cvgcnqy9fzea1t6x3znzymzdty2fh1abvrpn75azj8vk19pxb40apsj4rewvdkjx9czxhyvanbpptmprnfs74b0cwf2vp4y1n8q6b13n4t3dh13x3xb245etzpfbdgz1t3sx6t9jfdg385jtq1sgxt7fw2ddyne7ksz6180t92rpjp9cfhavkbzvkwwpa5qedtkfpv9t4d051jegnx5dmav1517w9wykzg4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCri-L1Wm2Y9SvAtSR9u8P0ISZyA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMTA4MzM4MDA1OTU1MDQ1yAEJqQIGYaAIlMqxPqgDAaoE5wFP0CTt2POHew0VJ2u6GVZe2yEeiu1L9wD6GIVuQdIxcyXzCcSvQEEqTyGmJ4k9RkOa0yiodN6AAFP0NZUfBulIHWqa1s6nH6YHCMYwlZ6YxE-luTpkcAYVDc70nsCxwARU8Fh9TyhR9W7Bm3rY1Dl7uz6oMyh5Byp06jacpA3asLOz7BIV3klwcXC5Q0jKS9LOvCBaONhmeUULeW6msoEF22xRZkSZ4w6xBZLySN5FhO7pesmh9gPmKYFCM6bOdjb9A55nfcmCu1InTFY28L2jkgqpdFkJuxwPTCM1rT2Tu3xaR4vncsqABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3UTnX9sPJGToqv5-v8guKjW2e7RQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.234 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-234.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:30 GMT
last-modified: Thu, 05 Jan 2023 06:10:30 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 05 Jan 2023 06:11:30 GMT

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame A29E 2 KB
3 KB 58ms
23ms Image
image/jpeg 18.66.15.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672899330&Signature=WLL8vEPXOleSh1TiizoAlTuH20kRj7TMcVyeX1b9ui4VG~frhStdOM2lZHYJpZ5Mn-deDe66fJVMBputEV7~j7lni~vkrk0eHDnBeW-LApOXedBRxh~pjNg-eTa2tWDV3ZxTa1cGYdZVHe1rTk3l--Vut2OrWaEDLWdxs1tR2WR-jRM5BjmyGAxZ-1IYT9DtmVfxZiPvbfwa2GRB4pTsPEgKRJcwP8oj0NkLUTLocvEwc1Kl6Erqr3Pi5l5EIE3MQ9LRn2iMEbfusNi0GhrJcU1yzfsdi0DgBgZXcoLnhcrHwQwj4YkbnypE2AprlsNzK0Y5KTkr98xFnXWkDtemmg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kbjwqj50tmyn1h1jzvz8rcbcc8mtv1ssbtebqcywr9q6egkcq4tb1q9e39sxtzc0r7stg8d77qbdfmdw9brssrdfw5sm29zat0ttq1zmp2gp0tej30cv8vkmmb3bkr5xda4h9f3jwcnyapmq7fs06795epsyb8eqxn1r1hgyd4s055emk66gf91mqqg3thxb8x747rjdyfy0aqh6x67jjn2fjs43vz8qn9ph3qnxgbcsem6z7vvmvwaqjhq9912492hvqr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpwcfbs3wggqpwew027tjc7b4e8q43m1h0mww4ncv8x42ve5eh75m4me2yvzd5t070ycxt3f7nat6r0zpb944rkz692sgz1102gy24sktqt07d7g5ny2rc2nz8k0rc1krqgmtcj1a27jz28y4kgtdp8q7fps7n2g13bydee1bhcqhskzz6qwy2xytak4894wbsevv3qy8xbcagdr214tn8rx26gvz9ctvjm8qxq085saxw0m9nkj8ge4sbsxsnscqr4chtn4xrxmx20wh6vw0vmxr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9jsC1Wm2Y-icA9WB7_UP-uGoQJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTIxMDgzMzgwMDU5NTUwNDXIAQmpAgZhoAiUyrE-qAMBqgTnAU_QQrzvEAH5pQ8BWjST8BwPKQpDMGyK94BZBXc5FcFSurCxMi3Ek5MMe6Of7S30wHb73gYzeN4J-bg3-12lFzRG-_rPA1RWfv6-ex-kKUVMAhVsUXDc8haIpLAQ2DkGt-q-vZcxncmwGmeJREbrNCslPV7rb42QWtvDw7e7ebN3YUXq7FDk3BUsxLiugqrGULINq5d3wzWqrrm7nOY2oK3e0J00b5AFudfNEYOHAqN2NAdWt0Pdca1WFK1CzuKcrc0Et50qc_VW0RVJBzT1NGbNbimaQaeJu_rer-Umt4woFMmRr4OKk4AG3Ieur5DFlNpyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1r0ubtjO8f5KOrusOetdiyb-PFcQ%252526client%25253Dca-pub-2108338005955045%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-61.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 04 Jan 2023 18:55:14 GMT
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 57903
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: mNAgZegjfurQO6eeU6uYAJEgkU3uwCfgBtLSS0BxfgweiQWYnt8npQ==

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F4F 36 KB
16 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
215 B 524ms
338ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oTnBD,pingTime:-10,time:832,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1672899030848%7C%7Ccf3d816db51d026f035896e124b337f1%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C0efa6b20ed58c3ab38782240260d8ba6%7C%7Cde95d5aa41a8d50bbe4fede15f50512f%7C%7C3b15536e79d8b83f229173959539306b%7C%7C46ffc23ae45f1b3b7fba5e5c293bb0c2%7C%7C50b85f23fe0182de1b83d1dfe3291b06%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=250&adk=496640717&adf=3073048689&pi=t.aa~a.86613092~rp.4&w=306&fwrn=4&fwrnh=100&lmt=1672899029&rafmt=1&to=qs&pwprc=1092727598&format=306x250&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899028961&bpp=1&bdt=1606&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D256d32d0be597a7b-22a4965e01db0004%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MbANfGqpewanUSmheuAgvdVdSn6NA&gpic=UID%3D00000b9d5c1a1982%3AT%3D1672899028%3ART%3D1672899028%3AS%3DALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w&prev_fmts=0x0%2C1000x280&nras=3&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=994&ady=1361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ACphafkojN&p=https%3A//rivnepost.rv.ua&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 025E 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwy7hqVMFDDrzNBePXQ44ZY6s6RJT0SBexwzBkZGhNiiUVRSHtlWsxkPKd8bx8UVulwFpyVSlVDYA3tZR8vhqdEnk&sig=Cg0ArKJSzBp5dfoXpRYZEAE&id=lidar2&mcvt=1019&p=0,0,124,1005&mtos=321,937,1019,1019,1019&tos=321,616,82,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899029242&rpt=508&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC4E 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA45 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoajOZOPCd-KYPQ7VZktr_XYGeWx9ZErB4qeBTQ3MEzOdT_Rc0zzy5VjF0CP4btJqDow7G0oWb8mLF7YXIVIp2e_Wa5dpYz5PzLXClHX94KmG_E9T_Fb5fqt3l8DzvA1-AjjuKxA&sai=AMfl-YRHno8jV2UfOD-JrRVpfphAS80DgXTC1gwC2M_O3qnciP25YM0zoi4NJ7RH21c4030DSHHb4JHXJaAm6pM&sig=Cg0ArKJSzJEMAgBZ-6gmEAE&cid=CAQSGwDq26N9oVrBEyxfrN-lHCpFVkTMSLCZatOWlRgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899029238&rpt=736&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C556 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVStvqRiHrXrsf4OSF0izEEuhDij5j5wzQYsRuSnZTJQ0QgGRTibk8CHkWMB62qXyE0zWF7aRthkiV1H8LhuXB1E9yJ-oMV9nfoQ_SqONu0SYPCiXLyv_voSFDN57AzqhKdAeS6Q&sai=AMfl-YRVZ3iyGu0uWpBF4BYXhjraL7W-Y_fG6HkgTlnQdJPMuHrPfGEjuvNOvzDlS8Gzll093_Lj2R2aGLPmw5o&sig=Cg0ArKJSzGBPL3M6X4MPEAE&cid=CAQSGwDq26N9oVrBEyxfrN-lHCpFVkTMSLCZatOWlRgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899029241&rpt=919&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.gif
rivnepost.rv.ua/images/ 8 KB
8 KB 34ms
34ms Image
image/gif 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/images/loader.gif

Requested by

Host: rivnepost.rv.ua
URL: https://rivnepost.rv.ua/css/style.css?1666945772

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/css/style.css?1666945772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 27 Feb 2018 13:56:00 GMT
server: nginx
etag: "5a956370-211c"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 92ms
92ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5d6418c3e3c8a56d74ca8eaf0ffda6e8ea7de70c063f1f268b1b5efb51a210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0

GET
H3 200 300x250_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame B713 61 KB
17 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a0c7dd8cccf9f6242549757fbb6b960d4043d8f96fa6c8c2cc75afa972744a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17789
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:42:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:14:09 GMT

GET
H2 200 u-mlinovi-chakluyut-nad-dovhim-volossyam_20230102_9401.jpg
rivnepost.rv.ua/img/300/ 110 KB
110 KB 35ms
33ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/u-mlinovi-chakluyut-nad-dovhim-volossyam_20230102_9401.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

64068ac963780d6e184a3a37d7fccd9fb4838aa7c52ad7d93c25babf5d1c42c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 02 Jan 2023 13:24:09 GMT
server: nginx
etag: "63b2daf9-1b889"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 112777
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vibiraemo-smartfon-prosti-ta-korisni-poradi_20221230_2325.jpg
rivnepost.rv.ua/img/300/ 39 KB
39 KB 102ms
100ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/vibiraemo-smartfon-prosti-ta-korisni-poradi_20221230_2325.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

78ded6bc7019e22458c9baf1cd834d728341d3e7791ab850275fd5f3f4d7693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 11:06:59 GMT
server: nginx
etag: "63aec653-9c38"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 39992
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vazhlivi-printsipi-v-seo_20221229_1707.jpg
rivnepost.rv.ua/img/300/ 52 KB
52 KB 135ms
134ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/300/vazhlivi-printsipi-v-seo_20221229_1707.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

144cc9c3a9360a99c74deb8f3fd865d3322ef79c9fa1ea9e37ead53c2153531e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Dec 2022 09:42:19 GMT
server: nginx
etag: "63ad60fb-cea1"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 52897
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 andriy-karaush-mi-zaprovadili-zruchni-servisi-shch_20201223_1499.jpg
rivnepost.rv.ua/img/330/ 16 KB
16 KB 136ms
134ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/330/andriy-karaush-mi-zaprovadili-zruchni-servisi-shch_20201223_1499.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

f2bfe5efe5535422dfa8b891896ec6dbb028a9703fa4d4167e50379fd2442512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Dec 2020 19:21:10 GMT
server: nginx
etag: "5fe398a6-3f70"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 16240
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yuriy-privarskiy-v-oprilyudnenomu-naftohazom-spisk20200917_9562.jpg
rivnepost.rv.ua/img/330/ 15 KB
16 KB 136ms
135ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/330/yuriy-privarskiy-v-oprilyudnenomu-naftohazom-spisk20200917_9562.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

e62518d8a624d68773d203228470e221c06c133dfccaaf55e57fed1f788bb4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Sep 2020 09:19:49 GMT
server: nginx
etag: "5f632a35-3d9f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15775
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pro-holovne-z-dmitrom-yakimtsem20200911_9336.jpg
rivnepost.rv.ua/img/650/ 41 KB
41 KB 137ms
136ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/650/pro-holovne-z-dmitrom-yakimtsem20200911_9336.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

fc0ee6192d950c6f904dc8b914056d112941263b339335353c6525a4558795d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 11 Sep 2020 10:27:23 GMT
server: nginx
etag: "5f5b510b-a2fe"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41726
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zasnovniki-obednannya-svidomiy-vibir-pro-dubno-i-n20200811_2300.jpg
rivnepost.rv.ua/img/650/ 47 KB
47 KB 168ms
167ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/650/zasnovniki-obednannya-svidomiy-vibir-pro-dubno-i-n20200811_2300.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

36e754a947485beecff5b5aea1794edc4cd033cc6c1abc4f16e8e14a01a6dc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Aug 2020 10:36:55 GMT
server: nginx
etag: "5f3274c7-bc9a"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48282
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 146ms
146ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B79 13 KB
5 KB 53ms
51ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4214 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac5b60722598e16d90925ad1462532e144a0f342b828836a8b65ffec3029f0e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CuOX8nnq9lmdDAGV5Q_D4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rivnepost.rv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-CuOX8nnq9lmdDAGV5Q_D4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:33 GMT
expires: Thu, 05 Jan 2023 06:10:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8719 16 B
232 B 51ms
50ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 71ms
19ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 64ms
21ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4E35 16 B
232 B 64ms
63ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame B713 4 KB
2 KB 41ms
41ms XHR
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:15:53 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame B713 5 KB
2 KB 42ms
42ms XHR
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:15:53 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame B713 2 KB
1 KB 41ms
41ms XHR
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:15:53 GMT

GET
H3 200 NH_D_AF_Savannah-Best-Age_300x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame B713 40 KB
40 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_AF_Savannah-Best-Age_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa3d14d5ec1674605c6d60483597269908efc6283ea65e70a615f543f814b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:02:45 GMT
x-content-type-options: nosniff
age: 468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40819
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 07:26:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:17:45 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A29E 16 B
232 B 68ms
67ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 27ms
21ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8719 16 B
232 B 59ms
59ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
18ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8719 16 B
232 B 76ms
76ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
19ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4214 0
0 80ms
80ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1604498384740481&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5D56 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7780:137c:669c:dd97:7e28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=cba0ee8f-1aa9-4a34-2495-4957a987d48b&tv=%7Bc:oToeZ,time:3272,type:e,im:%7BpLoad:1361%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3272,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:347,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2942~0%5D,as:%5B2942~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:529,fm:ts2JQnD+11%7C12%7C131%7C141*.925113%7C1411%7C1412%7C1413%7C1414%7C15111%7C1512%7C1611%7C1612%7C1613%7C1614%7C17111%7C1712%7C18111%7C1812%7C1911%7C1a1%7C1b1%7C1c1,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:349,sis:496%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:137c:669c:dd97:7e28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4E35 16 B
232 B 65ms
64ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
18ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4E35 16 B
232 B 66ms
65ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
19ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A29E 16 B
232 B 77ms
77ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
18ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A29E 16 B
232 B 64ms
64ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 19ms
19ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:33 GMT
server: nginx

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame B713 50 KB
50 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18371140143323373724/index.html?e=69&leftOffset=0&topOffset=0&c=5ol2LeGwfA&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:56:50 GMT
x-content-type-options: nosniff
age: 823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:11:50 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B79 36 KB
16 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4B79 0
10 B 50ms
50ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ulZSWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1604498384740481&bg=!ExClEFTNAAYDMoyoIzI7ACkAdvg8Wm9fddTVuZgWuZQUEKQgA9PEO_VoY-rTs1yXnVlNIpcC6zot5wIAAACWUgAAAAJoAQcKAG_jBl0ZAUfDd9XOKqtAXhExDS338XbiFza_zKBYTlTPPIOV0TxfjNqBF5snFX5uySXUS84XJn-X6zZy0rZ5A6R_jFSnqaBRcuItEjpOI8X3VcvFaDnI0UK_BAWEQ8dAiBRjhP6BBwCpQqRnG1xnwFqZArG-fx3C9WYAhzBsgo2cmdfJxEwpHL66vYdpRKel2ascnkdWbypUn0SRxHUVSR0vL-PRmyaEv8FAZjAAH5q1buZH6ayGaWqT2sAgNnw1uWE18SXg-PSrhqpkm2IhFidwPFd5t4TdGWfRiZhAkTH1_X2t1ecYc-pni_RLu1m29tfS2Xp8PsrIW1rnXNwM_9e4fa1xsdVwibUpf4vZcbM3ld_cTLeGe2URc8mDp3DdkYT1jb0eBUGj9LsxgMqKxWTJGtm1iA8muaNtfQg1Uc8TuLMqx6YnWouwvPSUbzqPEc4PYLos9twPRb0zKUIfTr_5MmmdHf9Fb4w4wc4dp-NjfzqgfpxCJPtRgzNY33DoB4APeaBuaNuL9bI1gSErOKlMqGy58EfhiFXecYdXLPm0oKIpfSX7cADiHfUwtdf9JLgtjSNFEvhpD3drToSQqHCl4usI3-mDo3cnU8azRrCCMLv4SEA2a_CTIqKNjj3zGDkzisgpVTWyQl0Nr3kSkCyoD7IIrkDdYg8QKhsXoc7ds4CCBtVzEDYxAuXT2eTokRsgA3g7IJ-F_irW3R1CFD4dJtB_r36a5pEveEm691x-L75agqWjyqCNKdxELUWG6ult1eg3I5cWmyjoup0m9wIygejAOemVJHkN23pXS3d7baS_06m2423u8q5hvY37cY8J3uXhecyA91M8JQoRQtg3Ln2hBNFoICM0NLQ3q9kONk73wohCUlHqOWqlj_kGWXdbDdfvZ7BBPjpncZdr_wUchLwTCTh9jTb9PbyVPuDzpQPDxn41AeTP9SN7mG0iUonelNGYtxXgNYu8Sxk9tUhWHEbyZBZpxb3QIgFiyZwzQGI1ujYGyHpzvVFZkC2NY33qWtL8bCLSfETE75jHA14KFOZcratl4_hTYuI3S4q_8SeZ4w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 lyudyam-vazhlivo-zberihati-spokiy-vidomiy-oboronet_20230104_5227.jpg
rivnepost.rv.ua/img/650/ 135 KB
136 KB 36ms
36ms Image
image/jpeg 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/650/lyudyam-vazhlivo-zberihati-spokiy-vidomiy-oboronet_20230104_5227.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

5544e50bd8a7c34c234b5ff5ff606e78b6fdac4a6b24ae93951b813191d9c3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:34 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 14:28:48 GMT
server: nginx
etag: "63b58d20-21ce0"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 138464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 u-likarni-vid-tyazhkikh-poranen-pomer-voin-iz-rivn_20230104_7239.png
rivnepost.rv.ua/img/650/ 516 KB
517 KB 67ms
66ms Image
image/png 168.119.135.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rivnepost.rv.ua/img/650/u-likarni-vid-tyazhkikh-poranen-pomer-voin-iz-rivn_20230104_7239.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.135.247 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

rivnepost.panel2.dev

Software

nginx /

Resource Hash

2ec7200ad4dd6d4453d0081b3226eeb8404d80fbf417715cd582430af2edaf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rivnepost.rv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 10:49:08 GMT
server: nginx
etag: "63b559a4-811cb"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 528843
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC4E 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rivnepost.rv.ua/	1970-01-20 08:41:46	Name: ci_session Value: ifeka3ip5unedbu07glsvm33o0vf21q8
rivnepost.rv.ua/	1970-01-20 17:27:15	Name: client_id Value: 1672899027.63b669d33ae300.26800355
rivnepost.rv.ua/	1969-12-31 23:59:59	Name: b Value: b
.rivnepost.rv.ua/	1970-01-20 17:27:15	Name: _ym_uid Value: 1672899028847563326
.rivnepost.rv.ua/	1970-01-20 17:27:15	Name: _ym_d Value: 1672899028
.rivnepost.rv.ua/	1970-01-20 18:17:39	Name: _ga Value: GA1.3.555107083.1672899028
.rivnepost.rv.ua/	1970-01-20 08:43:05	Name: _gid Value: GA1.3.960842627.1672899028
.rivnepost.rv.ua/	1970-01-20 08:41:39	Name: _gat Value: 1
.yandex.ru/	1970-01-20 17:27:15	Name: ymex Value: 1704435027.yc.1672899027#1704435027.yrts.1672899027#1704435027.yrtsi.1672899027
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1107499101672899027
.yandex.ru/	1970-01-20 18:17:39	Name: i Value: ctf19AxOt81e+NEL8DW/T3jBCmHImj9TnZ3iNT/3InIOi9/HDOeiJXa0WUDcND3npEIafeEY4NPO4jORvjdfAkHnP38=
.yandex.ru/	1970-01-20 17:27:15	Name: yandexuid Value: 3463900641672899027
.yandex.ru/	1970-01-20 17:27:15	Name: yuidss Value: 3463900641672899027
.rivnepost.rv.ua/	1970-01-20 08:41:39	Name: _gat_gtag_UA_15709504_1 Value: 1
.rivnepost.rv.ua/	1970-01-20 08:42:51	Name: _ym_isad Value: 2
.rivnepost.rv.ua/	1970-01-20 10:51:15	Name: _fbp Value: fb.2.1672899027953.1406215489
.mc.webvisor.org/	1970-01-20 08:41:39	Name: sync_cookie_csrf Value: 463748558fake
.mc.yandex.ru/	1970-01-20 08:41:39	Name: sync_cookie_csrf Value: 3695357686fake
.webvisor.org/	1970-01-20 18:17:39	Name: yandexuid Value: 3463900641672899027
.webvisor.org/	1970-01-20 18:17:39	Name: yuidss Value: 3463900641672899027
.webvisor.org/	1970-01-20 18:17:39	Name: i Value: ctf19AxOt81e+NEL8DW/T3jBCmHImj9TnZ3iNT/3InIOi9/HDOeiJXa0WUDcND3npEIafeEY4NPO4jORvjdfAkHnP38=
.mc.webvisor.org/	1970-01-20 08:43:05	Name: sync_cookie_ok Value: synced
.rivnepost.rv.ua/	1970-01-20 18:03:15	Name: __gads Value: ID=256d32d0be597a7b-22a4965e01db0004:T=1672899028:RT=1672899028:S=ALNI_MbANfGqpewanUSmheuAgvdVdSn6NA
.rivnepost.rv.ua/	1970-01-20 18:03:15	Name: __gpi Value: UID=00000b9d5c1a1982:T=1672899028:RT=1672899028:S=ALNI_MaxmM8PgxwUxku-BWXi9XEFRlNX8w
.doubleclick.net/	1970-01-20 18:03:15	Name: IDE Value: AHWqTUkp5SolKDqd2h9FhrqJZh4vYoaBpl8SawiGAtcEcyC0xEPhHYcrWadTCeO2ewo
.mathtag.com/	1970-01-20 17:27:15	Name: uuid Value: 424463b6-69d5-4b01-b743-94da776e1835
.casalemedia.com/	1970-01-20 17:27:15	Name: CMID Value: Y7Zp1SuNUbIj3eFffGgUfgAA
.casalemedia.com/	1970-01-20 10:51:15	Name: CMPS Value: 3351
.casalemedia.com/	1970-01-20 10:51:15	Name: CMPRO Value: 3351
.adnxs.com/	1970-01-20 10:51:15	Name: uuid2 Value: 3717152213965785738
.quantserve.com/	1970-01-20 10:51:15	Name: d Value: EEIBCQH9J4EA
.quantserve.com/	1970-01-20 18:11:53	Name: mc Value: 63b669d5-aa366-a634e-79b71
.lijit.com/	1970-01-20 17:27:15	Name: ljt_reader Value: F7xypGZHtVtU4x5vTvS110N8
.yahoo.com/	1970-01-20 17:27:36	Name: A3 Value: d=AQABBNVptmMCENz-Njo1pa5I8EXu5bcxmzwFEgEBAQG7t2PAYwAAAAAA_eMAAA&S=AQAAAvX9kntCSJL7U3IuBnCEm8A
.de17a.com/	1970-01-20 17:20:03	Name: guid Value: 1.5271042049773510575
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid Value: c7aa48db-8910-4640-b64f-709259b173bd
.bidswitch.net/	1970-01-20 17:27:15	Name: c Value: 1672899029
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid_lu Value: 1672899029
.pubmatic.com/	1970-01-20 08:43:05	Name: KTPCACOOKIE Value: YES
.simpli.fi/	1970-01-20 17:28:41	Name: suid Value: CB62F52BB95E433E8B11F5F66C9144ED
.analytics.yahoo.com/	1970-01-20 17:27:15	Name: IDSYNC Value: 18yx~298u
.everesttech.net/	1970-01-20 17:27:15	Name: everest_g_v2 Value: g_surferid~Y7Zp1QAJVtOswgAF
.pubmatic.com/	1970-01-20 17:27:15	Name: KADUSERCOOKIE Value: C8F038D0-0132-45DB-B5E3-8106652CB8CD
.adnxs.com/	1970-01-20 10:51:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#v@%Ov!]tbPl1M>e)ZlrFUfJ+tGXxoe@/hpnOS=H?Qq!HPSd)zPD:7]V`dYK>5x:N@3If)y3KL9D3I?lN2h^
.w55c.net/	1970-01-20 18:11:53	Name: wfivefivec Value: QZiFjaP91Pdjsp5
.w55c.net/	1970-01-20 09:24:51	Name: matchgoogle Value: 5
.redintelligence.net/	1970-01-20 10:51:15	Name: 8lcfmzhxc8d6_uid Value: 1e0113f11c78d224
.360yield.com/	1970-01-20 10:51:15	Name: tuuid Value: 33fd7d45-835a-443c-b482-9486e75195be
.360yield.com/	1970-01-20 10:51:15	Name: tuuid_lu Value: 1672899030
.tribalfusion.com/	1970-01-20 10:51:15	Name: ANON_ID Value: aOnsIHSyZaRGRT8vnQXf4oibKjTfGxmfVZdeSFm7crsZcRXFZaTdLsntjyDeoIFR4c9DhiIil0TTFDlnjBeU3kyZagdc3
m.exactag.com/	1970-01-20 10:51:15	Name: exactag_new_gk Value: 0043099afaf640918502fd397689e4e6%7C06.03.2023%2006%3A10%3A30
m.exactag.com/	1970-01-20 13:00:51	Name: exactag_new_uk Value: c42b94801d934f4e929ef6ff1aa1f291%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: dcf58904d6d743c188e7165c
.doubleclick.net/	1970-01-20 08:41:42	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 17:27:19	Name: b Value: 63B669D678EFBE1CC03E612EBLIS
.turn.com/	1970-01-20 13:00:51	Name: uid Value: 4385420038606230273
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cf0rklxs0qiuomlf4pojz0m2
pb.media01.eu/	1970-01-20 18:17:39	Name: DTU Value: 1C78C22D3FEE91D7E4964E676D6146A5
.3lift.com/	1970-01-20 10:51:15	Name: tluid Value: 4356223699229930213519
.mathtag.com/	1970-01-20 09:24:51	Name: mt_mop Value: 4:1672899030
.1rx.io/	1970-01-20 17:27:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-703f0125-16b4-41cc-8d8c-314cac1ca49f-003%22%7D
.e.dlx.addthis.com/	1970-01-20 18:11:53	Name: na_tc Value: Y
.targeting.unrulymedia.com/	1970-01-20 17:27:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-703f0125-16b4-41cc-8d8c-314cac1ca49f-003%22%7D
.addthis.com/	1970-01-20 18:11:53	Name: na_id Value: 2023010506103000078844870900
.addthis.com/	1970-01-20 18:11:53	Name: na_tc Value: Y
.addthis.com/	1970-01-20 18:11:53	Name: uid Value: 63b669d63225f894
.addthis.com/	1970-01-20 18:11:53	Name: ouid Value: 63b669d60001a1c8412295909de8c4cba051e56c84f4aee8b7e3
.dlx.addthis.com/	1970-01-20 09:24:51	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 09:24:51	Name: na_sr Value: 20230105
.dlx.addthis.com/	1970-01-20 08:41:39	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 09:24:51	Name: na_sc_e Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://rivnepost.rv.ua/(Line 2049) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16854977&s16853377&t0&c1&n601511&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rivnepost.rv.ua/(Line 2049) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16854977&s16853377&t0&c1&n601511&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108338005955045&output=html&h=280&adk=3105171064&adf=270333701&pi=t.aa~a.3789576887~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1672899028&rafmt=1&to=qs&pwprc=1092727598&format=1000x280&url=https%3A%2F%2Frivnepost.rv.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899027852&bpp=3&bdt=497&idt=353&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5417183431727&frm=20&pv=1&ga_vid=555107083.1672899028&ga_sid=1672899028&ga_hid=1691984888&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767167%2C31071219%2C44779794%2C44780792&oid=2&pvsid=1604498384740481&tmod=386851689&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ddrACp4p4u&p=https%3A//rivnepost.rv.ua&dtd=356 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2108338005955045&fa=3&ifi=11&uci=a!b&btvi=6&xpc=tc2tdB4kYi&p=https%3A//rivnepost.rv.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-2108338005955045&fa=4&ifi=12&uci=a!c&btvi=7&xpc=SH14zM5Cnu&p=https%3A//rivnepost.rv.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.bigmir.net
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
i.bigmir.net
ib.adnxs.com
image6.pubmatic.com
m.exactag.com
match.360yield.com
mc.webvisor.org
mc.yandex.ru
mc.yandex.ua
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.mathtag.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
rivnepost.rv.ua
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
sinoptik.ua
sinst.fwdcdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
www.ad-server.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
mc.yandex.ua
104.18.33.19
138.201.63.165
138.201.84.252
142.250.201.194
145.239.193.130
149.5.244.20
151.101.2.49
168.119.135.247
172.217.18.98
172.217.19.102
178.250.2.148
18.156.0.31
18.159.17.250
18.168.49.234
18.66.15.100
18.66.15.61
185.29.134.244
185.29.134.249
185.64.189.115
185.80.39.216
185.86.137.121
185.89.211.116
193.239.68.97
193.239.71.100
2.18.233.201
2001:678:cb4:bbbb::11
212.42.76.150
213.155.156.169
213.19.147.44
2600:1901:0:76b9::
2600:1f13:800:7780:137c:669c:dd97:7e28
2600:9000:211e:1600:1b:5138:8a40:93a1
2600:9000:214f:1e00:8:48e:53c0:93a1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2006
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9d
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a02:6b8::1:119
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::485
2a05:d018:d29:3601:a714:430:b1b4:42a7
3.126.34.117
34.251.89.118
34.96.105.8
35.179.46.115
35.186.253.211
35.204.74.118
37.252.173.215
51.38.120.206
52.51.214.106
54.76.176.197
69.192.160.219
72.251.249.14
76.223.111.18
85.14.248.71
88.198.250.30
98.98.134.241
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02bd512e4b796331633cb3ef1147566478b2df904fbbe8be15df6c2749f34641
0417dead21bcf3fcd769590ebad2c6831a287c8168c7c259376afb36424464b3
04602ee5368e5713db1db0688de69cd4f0cf9832b00a038ed6e8d1e31ee646d0
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06725e851e5d9d27ddab60025570104735cc7bd18d3545acf4033b7ef087bd75
083626efb0ed1b8fe679bab05e950a25f5f9a01ca043e9cc7faa1ec545e0d7fd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
097eec66d546bfc13230a83fa1251571613e451c2cc815b413eae87c7f4751c8
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0a31548ef5cc33b72ea235e63d28530dcf076b14e98de84763a2377e19b7e218
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b29ae20b6b6ae9c822246625f02fea191cb1288d9c0c178d81371f0e28758fa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b90becb6aff9714af4489d686d31698f3ca47a9db18cc87ee0080c43b47f56a
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5
0c4cd9b147000e4bb98618a2ee62a028f96dc6b6aa16bd66c115fe318f7556ee
0db5a7df2655e3c5ee1c079264722dc432198b671de42582fb3790a3e4e15469
1205c7aedb7c75b00c82d65926f4c5220d437e4970b9e4a5a395456cedc441d2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144cc9c3a9360a99c74deb8f3fd865d3322ef79c9fa1ea9e37ead53c2153531e
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1918512b4045c73afb94f9727b671d53cb5e954bb6502b6c0b94e7aeee2c923a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
219e7dfc44c71a52ad3e28fa1742a7d10747d84f164c2798be24ed23386e26a5
21c810b143f9940a3551baf3c1b965a353361499146ea54f5a53c5e66599e8c6
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22b39fb5e4a7644fbb1231299e1931e5072954489aaeef4b72bd4fd447c1c99a
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab
2491566f8e85ceaca9dbc4a9eb51e58364c383b685f15a851c12267f2991ec63
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
29404c82c5a2288701f968df758e8f6fd4699299dee0a2adacf705f6ee50a89d
2b0a62fe7c65cd47427466599641bf48bb48b665a8407955dc822bc789d785f9
2ec7200ad4dd6d4453d0081b3226eeb8404d80fbf417715cd582430af2edaf39
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
304f26ae793fb1b1f06b2ba7f0ac10f47526d8a91714ebc8e55b4afdc784b58a
313d73db3d7e386fcd2fcc9a250884bd4c093a9c1e3db0bc20f3df3da87bd994
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322e7fbd2b15ef0888b0c28c3d42f6a082526435e32d94090225b74a52d054b0
33008ccce54547003b3dd110d7ce1871dbee38646ef267b4a5bf9d12fbb1b7dd
35bb9c8d06e05ee24934e2baa021a18c2451da7ae39fe8b622066dac9db376cd
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
36e754a947485beecff5b5aea1794edc4cd033cc6c1abc4f16e8e14a01a6dc28
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38d418160dd6e5aec52be7ff4840da8d2efd87282991088f580e852a6b54ad67
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3af7220a05866810d3c0d4482b448c3eb82a82ed52247fe80d67786e861231c9
3b3e8e32d13dca8b9bfb1ae84c2b9bccefe660e18eab097a5c8d8f9479f1c45e
3b7dbb2f7ef844758c0558d807709bf405677de40ae3fecf9321f32371deabd7
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d8974e42725802f64eedeac98d71ce2f655a3aee9bd7d7de5ee4a3d76f0739b
3eb27dddff57dcf114566fdce910e4ea41d7445bcedf8a7a1912ad6dd81fc4bf
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
40aec81bf10f23ef69ff15f31771ed192bfcbd07128afa8ae3cfa6c6915c1475
40d163a81a60a4f29628f72060ad0fd3749411ea1c24d35a3c7a63d65ec356d2
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
4226f930e65a38c4a2b00405206414834254ccaf00459f829518844e58c205e5
4396e9a6e18265f89c3755aeb67569f3bfd0332449dd84f21bee9e1a81a78949
45226241663aaa4b84fd93c243843a893b0e48c5b753ff41ab04817c8eef0557
46198e6dfdc2944fc980571e4fcd20344f592452236a3c6241d4a0de4eeceba1
479581bf3603da9919e7d357657cb05e32a6948521f48f1e13f12230e5c1f6d6
47ff27c51800a600b8d24c225e65f0b194f4391287acea4bb79870ca8fd0129e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b81a3bccc554dbca429e4e0c91d05147cface6fed0f527b6ae81c40c571e56d
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d575abcad806b32b73b96f401233c879209ed9f3873da9286d3a21b7cf9e45a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f362f09cdbe2789b7d2e274901293bfccfe090c59baa48c2fbfabbba44a5a87
4fe27dc5603d02799babea00d5a93a207c790d03d2efaffc10272d117c529f43
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ddb8a77f96819b49e4172fd16830b21eb2b57795c2392e7769b517cf68fa69
51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7
5262b2207361e3ab170bf6fd23356e1a82d121e4ce88b4d97f244275bae52d20
527ec9c417dc5aa370f5739ea72a352b7a59890b6e44019cdc1a91fe271ac1cd
52dd555cf84cace5c4f8cec4c08b5081861417a3458955e609e4ac945f7eeb6f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5544e50bd8a7c34c234b5ff5ff606e78b6fdac4a6b24ae93951b813191d9c3f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a874f4baf0f4e4d42a095ec314965dbc75f832bda691c31c83c2a376655d9d
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
591b86e90f46c59a6e8244c9a630923141d18a813301f5a894f9004c419b8a88
59b8ec6d68e86cd82b8d4d7f5c7ac26182979c7f5c241399289e02c3df8e5d76
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5af877ab099676a8fc6227ef601aa902e882669a41a2fa8d4cb6eb29cd59f246
5b891776a355420e712709adfeb0a7f3025754ffdeab17282d670ee877c735de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fa3d14d5ec1674605c6d60483597269908efc6283ea65e70a615f543f814b75
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e63537109a4474c39e89760d780386db0240b782c50f5ccc4c5f1fb2afd3a3
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
632e1521839eb4a8cab71791ca8658ef9bac7f69270b78f52032bb4b34258d2a
64068ac963780d6e184a3a37d7fccd9fb4838aa7c52ad7d93c25babf5d1c42c3
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f
6665e3a0ed76f324c68d2449041ae4297d8d133674263b616b586b9351619206
694a08362c6d587be174cd104e6888385d9a6e53e663c2c6f1846f988e9ff6dd
695cc6ef8446ee3a2e6ddb92244f406b64279708612d7d1dae59359e2e7c1ee3
697d124621fb37d791fa207b681fe129205407cb9fd9a0a9f14fae692264289b
6a161252cbf7e20e725cd847ffb35f79c2bcaec7784b7614dd832a3cac9e88e9
6f810bc2b76a03a217922206f2ffc0b52a7a6b00ebcd0827edab3b49739c901a
6ff0a0be3f85bb013b83e19c0f2df2eed078f5d793aea3b52756241f40167f64
7111d52b56990f8cb5ec10f834371c1171db3d8ec49df1f0b499f254d9b11046
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
74cd6899b72be5df6571d5ea0789a87d3a31861fc3577945da7edf945462143e
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
774568050d8f23c45ea5ea5500490dfe711b1d659d1ff5adde1f43c4e6b31d40
78ded6bc7019e22458c9baf1cd834d728341d3e7791ab850275fd5f3f4d7693d
7954f8eaaa36c9c8f73114036f99f0fa555200cc4bb3d8cd69b65676dfe340fe
7a379010b82284444f5420cb52b31a8a14859aea6af2d5c75a958d2e6f82e3af
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7adcbcaf3158270b4dc2354bb397adc044a5fa7b60d45f5a7d53cef8f0fc0bc9
7b814f266598d065d5086eac41af0b67c907b6e0f42e88ed65908f247864a696
7bceabfd081564abb1048fbee47167788f01f8f6a25367c38ab244fcb5fda21a
7cc3b226a8fceeef802a13091d6f0e96ed4222ab88373305e555a8b9e40b8f7a
7e7849d0b122eb6d61212250af1171bd1b28bc22f8401733439b8ed8ff9dbfd0
7edd53db8a75e4901964ef11b21ba64506ea7d091ebb2ebe21c0664c5e6195f7
80f51247135179b0d18e32d4ea0289bf083da9fe6618a9ffbe5dd3278e224cf4
8176f4510683ca8e677c53050fcc89db9a452f2aa435120a1a91d165ea9f6ec9
82c16023959247300e9248d76c8531dc46569d86199ae0e55f53feea6a31f843
82f448a9bf0891a4f62982f74a704262754233ee4ee577f8386b7b839f263868
832c38fe226ee8a4bbef100d86612fa6f347d7c8b6f4d17d8636a4049105bc00
8395294a270cc3865dbd6d5d613612e50e7d5f9f054544df8e95d4755f513e6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8580d274e3a5aabce80f8ef7d53e4dcf749cbe98474e8652d58413ead444682a
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78
872792b6a6e32547b02cd180d4d63a7b7932f75c44af766e52d70216c6c5d220
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8dcaf7a4c3893a3070bb24560f270501ea9471e592ef21805676bb81e7a67336
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed0585788a4d58cf34f021ff0f3277a3ed46d1f51f32d2e3cbbf9408963bc4b
8fe3313de60c6caf4d1138c94b87fabacbd7487cb62c8bec5f415fce07590b0a
929a54c6d4cfc5161225586076c54de978025c9218a466e45e2431a9947e16b8
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
9a3da18c68e9552a1ddfcfc19d9be51f1f464eb83b8aa94cbc5fbb050e75930f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab14f4d2a6fd804b43646c62bdbc2ed7b94fd5b40f2eb2a903cbf2f5012c0a1
9d1b2247bb88c939f2c0f06d2e233910026ca6b2672019073a6411edd15d05a5
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dae30d4c2979ac8f151ca00c687a994817cc1077566fa210ecb0051832b2e8e
9e37f64261cc0b4b5a5f6ac79ad14a609e79d43d30f3d3a01d6dfcd811663906
9f7b04b664fc1079a2c37a2211cfa66a11efec378448d815897bf534c1644f17
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a06d0ea2b16836a63e22763dea33656b82107871b5ef7a510a0368acbfcc7d27
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aec4617887c42671adfd70486d78b33e66ffabd89bf240decbccb07651a453
a5574a57960f1f43537fb456a7b3dc84ceee30603c52b9bfdb1ea9aae7c66ba9
a5ab79f1838fd9971cd4dbc3e40c01bda11814d5f0eb5a486779e9a89409a322
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab8472bb68bf9db2b9a40bb2070e338586f49ce2d66d84f3a211ce80ad378afb
abb0d1fb36c17c645ac0b76f48f419a43fb5116ac9cbc137340f75cc7e5ff774
abfb117d952fe4152f16c10822931953195ae00ad6a15a9abd6c80666b686534
ac5b60722598e16d90925ad1462532e144a0f342b828836a8b65ffec3029f0e4
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b109010de8a42aa1daa08dbdfc84859dec8a69f9567cde5463d4d2233b11d993
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8
b9dd816eecfdf54b1c0da6183c0a5b0f1ccce385becad77f7d711bd214d59ab5
bb2d2f0c1d273a3b019680b2b6ad6f933cd26b57742cbd970f11c1b4866490bd
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
be3f5035c6ea44640ca2f468d2de829b77c3d9dd500d525afc965d7ceafef06c
bf5d6418c3e3c8a56d74ca8eaf0ffda6e8ea7de70c063f1f268b1b5efb51a210
c0ba943c44e2e38b0c8b49700b8aa91390c90e43c078ebba8a014dddc80c4975
c21ed7d28f1b34db5fb354e6a6cd64d28767f82f585b7ac8a7af65cd07f5e20f
c24ac47bf194dbe50027e830e5c295cafebd2c3b17db96ad7b70f4c5ef97a97d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c74cd14583c6030d1e0889fc87f72761b07ac039190cf9925ac1e637490971fe
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
c8e8f301e3ea4f93c90e3f1789684b12ab51c370f11610f51b5c60ca2eb9df6e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
cc66888ba5462f9ed4ba6b78735ed6a711a7f9d1ff7d9a72356b8fe33d43f546
cd05e27feba8f8fc3cef5ca052493ffc0a4b126dec26e0ed76aa72e2318cddad
ce469a7e35fd799dee6e08d6558d50847daa4f2367bde5d2c8927d1797538b57
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d005405d1ca99381281cd63167602163c8763203e33036bb8c72719fa6a6598b
d3693096211160b80a6fddbdf0c5ca85d303f1a847bf2af5d722415ea277ce53
d51fb3da034945987b624f6f771a9489b35f196d83f43ecab125869af5ae4bd0
d71e7be423b0f0a4404260d596e8408ec55bfe5517ccd8a54e8c1f14ff7e1edb
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
dc085cdb760a6430d2b4d558328898ece2ebc5d1e48b90c5c97fdee42bc1d54f
dd7180f8693d0da61ed437180a4d9e6a585ba272b52034f325ee967c06345e09
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff1899505bfde6e3254743a631d1828d184b5739462be13d762820f7854e6c6
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e17874f13674ae869e8066c8590649ad47e8744071f8a5f191b91b05b629173a
e26f3c9c4b3c4c9b3d6b208aca35af098f2f5d64d60ef9cbaf868667f08c0426
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e3d0b3516ee9881341c3dba8bd0193fadee65c5f230af0657dc8f942610baa30
e504b020deabded5ee0d6f257c0aa59180accbc52838ddec106d233204be722a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62518d8a624d68773d203228470e221c06c133dfccaaf55e57fed1f788bb4bb
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e8761e37f0d5b6fc457e46eb96b986c1d3323025d26cb0f71593742f426ffb95
e8fd9399a8dd6820dacc10809bd0eb4006b20ea1b39aa5ad493a516c60464287
eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed8e9d019a37c3774ae15925ae3d7be1c3571993a32ee371a71b7835d609df01
ee059a92b3094e4a2f04df153aec2ef0a978b70eb977df3d86c169085154517a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef89c8a8d9289f4875e4f2a7009bae5f2b2d30e234bc9714c61c660e31539e5b
efbde5953e15846e13563625484ef3f294cdcdff4b0d8f5b91adc6e8e941619f
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f04b2091381bb59654459cadbaaeb9b55e7de1706f91041ffbfe0f7fb43d557e
f07dcd68dec7e9227b28fd2ac073c9da7561d5a249c98482f23e3f215c49948c
f0a0c7dd8cccf9f6242549757fbb6b960d4043d8f96fa6c8c2cc75afa972744a
f2b608f6ada3b15d3a74c0040c435d748aa3ed724336938a8cba44e7c76983b7
f2bfe5efe5535422dfa8b891896ec6dbb028a9703fa4d4167e50379fd2442512
f31c2698a1d86ac2a363dc94174ae96b3c4c4552f8a48a3e54947bf969e1613e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
fbd371717439186ec896c893c81df923c15f0f405e0dfc9b8edafa8d9fe3a474
fc0ee6192d950c6f904dc8b914056d112941263b339335353c6525a4558795d6
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fd631bb4a804bd4bf7fc85913d015b972a322c151c4fcc5711038912929dfecc
feb8edc152f26eace677b0c96d51de5dce2b65fa49e816f7a26e7f503181d971
ff4460c06564fe0bdfb43118add8d1828009029cabce82a14351135dd490e042

rivnepost.rv.ua Open in urlscan Pro 168.119.135.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

446 Requests

91 %HTTPS

46 %IPv6

61 Domains

89 Subdomains

65 IPs

13 Countries

8469 kBTransfer

14017 kBSize

71 Cookies

16 Outgoing links

Redirected requests

446 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rivnepost.rv.ua Open in urlscan Pro
168.119.135.247 Public Scan

Screenshot
Live screenshot

Full Image

446
Requests

91 %
HTTPS

46 %
IPv6

61
Domains

89
Subdomains

65
IPs

13
Countries

8469 kB
Transfer

14017 kB
Size

71
Cookies

446 HTTP transactions
10 data transactions