urlscan.io logo urlscan.io
SecurityTrails logo

www.ukr.net Open in urlscan Pro
104.18.8.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukr.net/
Effective URL: https://www.ukr.net/
Submission: On July 17 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 11 countries across 37 domains to perform 218 HTTP transactions. The main IP is 104.18.8.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 100856.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.
This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 104.18.8.128 13335 (CLOUDFLAR...)
25 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 9 212.42.75.253 8856 (UKRNET Kiev)
2 2 212.42.75.249 8856 (UKRNET Kiev)
4 136.243.84.75 24940 (HETZNER-AS)
1 2 137.74.6.209 16276 (OVH)
1 147.135.189.55 16276 (OVH)
8 212.42.76.151 8856 (UKRNET Kiev)
4 212.42.83.135 8856 (UKRNET Kiev)
1 193.200.65.2 6681 (GIVEME-CLOUD)
1 2606:4700:1::... 13335 (CLOUDFLAR...)
4 212.42.73.60 8856 (UKRNET Kiev)
1 185.187.81.41 43332 (IDSTRATEG...)
3 45.133.44.3 39572 (ADVANCEDH...)
4 209.205.201.34 55081 (24SHELLS)
1 185.187.81.40 43332 (IDSTRATEG...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
17 2a00:1450:400... 15169 (GOOGLE)
1 24 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.227.139.243 55081 (24SHELLS)
1 216.52.2.48 32475 (SINGLEHOP...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 54.158.62.28 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
3 4 142.250.184.226 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
3 4 185.89.211.12 29990 (ASN-APPNEX)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:2638:d::13 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 138.201.135.164 24940 (HETZNER-AS)
1 4 138.201.220.30 24940 (HETZNER-AS)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 145.239.193.130 16276 (OVH)
1 13.41.28.186 16509 (AMAZON-02)
1 2 172.217.18.102 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 1 35.186.231.97 15169 (GOOGLE)
1 13.224.189.55 16509 (AMAZON-02)
1 18.66.26.39 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.40.20.169 16509 (AMAZON-02)
218 62
11    104.18.8.128 (None, )

ASN13335 (CLOUDFLARENET, US)
ukr.net
www.ukr.net
zakladki.ukr.net
25    2606:4700::6812:509 (United States)

ASN13335 (CLOUDFLARENET, US)
upst.fwdcdn.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700:e2::ac40:8003 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
9    212.42.75.253 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com
accounts.ukr.net
2    212.42.75.249 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com
mail.ukr.net
4    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
go.rcvlink.com
2    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
1    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
8    212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com
pinformer.sinoptik.ua
4    212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
kinoafisha.ua
1    193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com
trafmag.com
1    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
servicer.mgid.com
4    212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
counter.ukr.net
1    185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
4    209.205.201.34 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-34-201-205-209.24shells.net
ghb.adtelligent.com
1    185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.znctrack.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
fonts.gstatic.com
13    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
17    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
24    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    54.158.62.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-62-28.compute-1.amazonaws.com
cookies.nextmillmedia.com
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal9000.redintelligence.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    13.41.28.186 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-28-186.eu-west-2.compute.amazonaws.com
track.webgains.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
impfr.tradedoubler.com
1    13.224.189.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-55.fra2.r.cloudfront.net
img.tradedoubler.com
1    18.66.26.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-39.vie50.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    13.40.20.169 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
309 KB
26 ukr.net
ukr.net — Cisco Umbrella Rank: 57598
www.ukr.net — Cisco Umbrella Rank: 100856
zakladki.ukr.net — Cisco Umbrella Rank: 614016
accounts.ukr.net — Cisco Umbrella Rank: 203937
mail.ukr.net — Cisco Umbrella Rank: 126292
counter.ukr.net — Cisco Umbrella Rank: 156447
155 KB
25 fwdcdn.com
upst.fwdcdn.com — Cisco Umbrella Rank: 233002
388 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998
csm.eu.criteo.net — Cisco Umbrella Rank: 7838
192 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 258300
257 KB
11 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
225 KB
9 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7135
ghb.adtelligent.com — Cisco Umbrella Rank: 6002
sync.adtelligent.com — Cisco Umbrella Rank: 5651
194 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38273
hal900016.redintelligence.net — Cisco Umbrella Rank: 241594
275 KB
8 sinoptik.ua
pinformer.sinoptik.ua — Cisco Umbrella Rank: 189112
47 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
ads.eu.criteo.com — Cisco Umbrella Rank: 7742
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13879
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055
65 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
110 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
225 KB
4 kinoafisha.ua
kinoafisha.ua — Cisco Umbrella Rank: 476992
81 KB
4 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 45272
8 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
262 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 20510
api.webgains.io — Cisco Umbrella Rank: 51644
31 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 49812
medialead.de — Cisco Umbrella Rank: 49477
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
3 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2556
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
2 KB
2 tradedoubler.com
impfr.tradedoubler.com — Cisco Umbrella Rank: 108264
img.tradedoubler.com — Cisco Umbrella Rank: 81856
1 KB
2 trafmag.com
trafmag.com — Cisco Umbrella Rank: 36282
t.trafmag.com — Cisco Umbrella Rank: 41985
4 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9637
1 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 50288
2 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854
421 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 39920
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 208307
931 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
5 KB
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4060
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 782
277 B
1 google.de
www.google.de — Cisco Umbrella Rank: 4752
408 B
1 znctrack.net
s.znctrack.net — Cisco Umbrella Rank: 204306
450 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 492563
170 B
1 mgid.com
servicer.mgid.com — Cisco Umbrella Rank: 7293
3 KB
1 mixadvert.com
m.mixadvert.com — Cisco Umbrella Rank: 278079
711 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1174
7 KB
218 37
Domain Requested by
25 upst.fwdcdn.com www.ukr.net
upst.fwdcdn.com
pinformer.sinoptik.ua
24 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ukr.net
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
13 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
9 accounts.ukr.net 1 redirects upst.fwdcdn.com
www.ukr.net
accounts.ukr.net
8 pinformer.sinoptik.ua upst.fwdcdn.com
pinformer.sinoptik.ua
8 securepubads.g.doubleclick.net www.ukr.net
securepubads.g.doubleclick.net
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
8 www.ukr.net www.ukr.net
upst.fwdcdn.com
pinformer.sinoptik.ua
static.cloudflareinsights.com
7 imageproxy.eu.criteo.net ads.eu.criteo.com
6 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cdn.ampproject.org 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
4 hal900016.redintelligence.net 1 redirects 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 hal9000.redintelligence.net 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.googletagservices.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
4 ghb.adtelligent.com player.adtelligent.com
4 counter.ukr.net www.ukr.net
counter.ukr.net
4 kinoafisha.ua upst.fwdcdn.com
kinoafisha.ua
4 go.rcvlink.com www.ukr.net
go.rcvlink.com
4 www.googletagmanager.com www.ukr.net
www.googletagmanager.com
adv.office-partner.de
3 fonts.googleapis.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
hal900016.redintelligence.net
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
2 api.webgains.io analytics.webgains.io
2 5994599.fls.doubleclick.net 1 redirects www.ukr.net
2 pv.medialead.de hal900016.redintelligence.net
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 encrypted-tbn1.gstatic.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
2 www.gstatic.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
2 sync.adtelligent.com 1 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 a4p.adpartner.pro 1 redirects upst.fwdcdn.com
2 mail.ukr.net 2 redirects
2 player.adtcdn.com www.ukr.net
2 ukr.net 2 redirects
1 adservice.google.com 5994599.fls.doubleclick.net
1 cdn.track.production.webgains.team 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 img.tradedoubler.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 impfr.tradedoubler.com 1 redirects
1 medialead.de 1 redirects
1 track.webgains.com www.ukr.net
1 adv.office-partner.de hal900016.redintelligence.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.nl3.eu.criteo.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 ads.eu.criteo.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 encrypted-tbn3.gstatic.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
1 cookies.nextmillmedia.com
1 t.trafmag.com
1 ap.lijit.com
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com
1 www.google.de www.ukr.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 s.znctrack.net www.ukr.net
1 loadercdn.net www.ukr.net
1 servicer.mgid.com upst.fwdcdn.com
1 trafmag.com upst.fwdcdn.com
1 m.mixadvert.com upst.fwdcdn.com
1 static.cloudflareinsights.com www.ukr.net
1 zakladki.ukr.net www.ukr.net
218 67

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
robota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
iron-master.com.ua
www.otpusk.ua
www.accordtour.com
dom.ria.com
lun.ua
flatfy.ua
greenville-park.com.ua
casada.ua
healthyway.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
budpolimer.com
goodmax.com.ua
luxchrono.com.ua
artpotolok.kiev.ua
lascala.ua
work.ua
optima.school
layboard.com
grc.ua
optima.study
cutt.ly
buketland.com.ua
flowers.ua
hvosting.ua
nic.ua
rx-name.ua
internetua.com
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
mixadvert.com
m.mixadvert.com
kinoafisha.ua
nv.ua
sprotyv.info
www.eurointegration.com.ua
censor.net
www.rbc.ua
news.liga.net
focus.ua
gordonua.com
tsn.ua
aspi.com.ua
mind.ua
hromadske.ua
thepage.ua
magnolia-tv.com
ukrayina.pl
www.newsroom.kh.ua
donpatriot.news
dw.com
uspih.in.ua
itvua.tv
kyivschina24.com
mykyivregion.com.ua
informator.ua
kosatka.media
forklog.com
speka.media
root-nation.com
portaltele.com.ua
nauka.ua
processer.media
tech.liga.net
newsyou.info
uamotors.com.ua
mmr.net.ua
www.autocentre.ua
xsport.ua
sportnews.com.ua
www.ua-football.com
sport24.ua
ua-novosti.info
glamour.kyiv.ua
beautytips.kyiv.ua
www.planetanovosti.com
zhenskiy.kyiv.ua
lady.kyiv.ua
storinka.com.ua
biz.nv.ua
myc.news
u-news.com.ua
novyny.live
dailynews.kyiv.ua
meta.ua
novosti24.kyiv.ua
mil.co.ua
kriminal.tv
zaxid.net
prostoway.com
telegraf.com.ua
useti.org.ua
woman24.kyiv.ua
plyashka.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.facebook.com
www.aks.ua
sotnyk.net
helplist.io
petlive.com.ua
bank.gov.ua
savelife.in.ua
shelter.dopomagai.org
dovidka.info
sprotyv.mod.gov.ua
klubnatura.pl
life.pravda.com.ua
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.bamf.de
www.ukrainetakeshelter.com
vogue.ua
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net
Subject Issuer Validity Valid
ukr.net
Cloudflare Inc ECC CA-3		 2023-02-07 -
2024-02-07		 a year crt.sh
fwdcdn.com
Cloudflare Inc ECC CA-3		 2023-02-07 -
2024-02-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
adtcdn.com
GTS CA 1P5		 2023-07-15 -
2023-10-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.ukr.net
Thawte TLS RSA CA G1		 2023-04-29 -
2024-03-29		 a year crt.sh
*.rcvlink.com
Thawte RSA CA 2018		 2022-09-25 -
2023-10-01		 a year crt.sh
adpartner.pro
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
m.mixadvert.com
R3		 2023-05-28 -
2023-08-26		 3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA		 2022-11-23 -
2023-11-23		 a year crt.sh
kinoafisha.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-11-14 -
2023-12-14		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-13 -
2024-06-13		 a year crt.sh
loadercdn.net
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
player.adtelligent.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-01 -
2023-08-30		 3 months crt.sh
s.znctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-08-31 -
2023-09-05		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-07 -
2023-08-30		 3 months crt.sh
redintelligence.net
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
adv.office-partner.de
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
pv.medialead.de
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 24 frames:

Primary Page: https://www.ukr.net/
Frame ID: F88F1D63E7C478AFBC277D44404C3343
Requests: 68 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: EAEB887D7857948ADA454669C35E5F4A
Requests: 7 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: C961AAC893272A710D91A52E0C99D69F
Requests: 4 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Frame ID: 8001ABA2D8D69A802D69615A3CFCB70D
Requests: 13 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
Frame ID: 7CDB76C3B8990B10ED45CEF7D63690E4
Requests: 5 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: E798081951B005B296BAFEA6D57859B6
Requests: 1 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F740F671E97A0A65C588A65DEB9AE4F7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: 559996FFBB58517BFD9887D2CC1E5AF5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 522CCBC5889B33509036E919BB6691D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2BE1F27B6F15F49AA1B06A98B917319
Requests: 2 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 15BA34F57CBACCFB529ACE3C24C49AEA
Requests: 15 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB7FA037B12EE31D5A0AEAD55C185224
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 3167145DA98F7E8D1F47CA91136CE38E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: FBA5C9F7DAB3C6434F42BE85AC6B1E6D
Requests: 1 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB21B11E7830994A7208CD73C7010231
Requests: 16 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D556C14B2FA4F2B85762422198489CA2
Requests: 8 HTTP requests in this frame

Frame: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 876DBC0C86831D183A293F6B59D031D3
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Frame ID: ACEE289244E0EC801AB33665D4A61CDE
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Frame ID: 0175E83B604EEBCBB8553E2DBD4708F3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AD731949B19337C1289C65B994CDA60F
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5E9002C49A6204C26174315C79D2009C
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 4629EA0F9450BC69A51C716FBC485845
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593
Frame ID: 349DFEDCB76613CE56FB9AA54D698637
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Frame ID: 065AF48300787B86687627EBADB6D7DE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

  1. http://ukr.net/ HTTP 301
    https://ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

218
Requests

95 %
HTTPS

47 %
IPv6

37
Domains

67
Subdomains

62
IPs

11
Countries

2847 kB
Transfer

7536 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukr.net/ HTTP 301
    https://ukr.net/ HTTP 301
    https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Request Chain 88
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YEvJK3xlSngyenY2Qmt5cEF0Ni9YQ1MrTFZoYkNNNVdRdlV6UzNBTlp3UlJuRjM1U0t5bTRyVnR4aWl4NUNZYlFkQkErblA4bkhLS0dTMS83SVpCS09FWHpSeENRd0ZIMlQ3bUYyM0lkQ3Jrb20zT0tocnB3RUkycjl0OGZxT2hNenBTNjFheXJ0ZkFET0RvYmFacjNzczJ0S3FZQU9TRExwVnZRQzJnOU56ejd4cG9ibldQNS9UWWtnT2k2dnZaVUROdWQ2eUV6eVN0Sk5JeEZQclV0K1k3VUZxMEpDNXpyYkFiZDdYaEw0YzhpU1F0KzNueXNDOGlZY3lWZWFOaitheVR1NzlTeWtpNmxxUEp4K3hsNXJMdGE2Zz09fA&cppv=2
Request Chain 99
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=782d48d4-a500-446e-b426-c05fd62bb0de
Request Chain 101
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=e39c395feb3f2885
Request Chain 122
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODioMzjRBDQDxj0AzIIeAKtVjyZlu8 HTTP 301
  • https://tpc.googlesyndication.com/simgad/1033797424505648827
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1&C=1
Request Chain 165
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLVhuMtonAIb8fULe-NDGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENRPAsj7RwqlRfPMoi3qT9w&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENRPAsj7RwqlRfPMoi3qT9w%26google_cver%3D1
Request Chain 167
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMzIzNzM2ODE2NDg2ODIx
Request Chain 200
  • https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 205
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593
Request Chain 207
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 208
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(86199100113987104444978012388016)084371937 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif

218 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ukr.net/
Redirect Chain
  • http://ukr.net/
  • https://ukr.net/
  • https://www.ukr.net/
160 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68fd912b1019de0ebc6e6fa4fb0aaba3f630780d477078d3bc135013bd6d665b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status
DYNAMIC
cf-ray
7e839a530cbb35fa-FRA
content-encoding
gzip
content-type
text/html
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
-1
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7e839a527c0335fa-FRA
content-type
text/html
date
Mon, 17 Jul 2023 15:43:50 GMT
location
https://www.ukr.net/
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
top_links.css
upst.fwdcdn.com/css/1688553803/ 		1 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/1688553803/top_links.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14597b38efadd74b609462da1c880027f122115e156d62542082003a83994318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Jul 2023 10:44:03 GMT
server
cloudflare
age
1054771
etag
W/"64a54973-48c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
cf-ray
7e839a537e1f9025-FRA
expires
Tue, 16 Jul 2024 15:43:50 GMT
/
upst.fwdcdn.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=31536000
cf-ray
7e839a537e209025-FRA
expires
Tue, 16 Jul 2024 15:43:50 GMT
main.css
upst.fwdcdn.com/css/6/portal/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/css/6/portal/main.css
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 12:31:02 GMT
server
cloudflare
age
3381093
etag
"6481ca06-204a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e839a537e219025-FRA
content-length
8266
expires
Tue, 16 Jul 2024 15:43:50 GMT
_desktop.js
www.ukr.net/news/ 		20 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/news/_desktop.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Jul 2023 14:19:53 GMT
server
cloudflare
age
5037
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7e839a533d0f35fa-FRA
x-xss-protection
1; mode=block
expires
Mon, 17 Jul 2023 19:43:50 GMT
concat.js
upst.fwdcdn.com/js/4/portal/ 		167 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 May 2023 14:23:02 GMT
server
cloudflare
age
4238373
etag
"6474b546-cc89"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e839a537e249025-FRA
content-length
52361
expires
Tue, 16 Jul 2024 15:43:50 GMT
main.js
upst.fwdcdn.com/js/10/portal/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/10/portal/main.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 10:06:02 GMT
server
cloudflare
age
1575388
etag
"649d578a-42fb"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e839a537e259025-FRA
content-length
17147
expires
Tue, 16 Jul 2024 15:43:50 GMT
zakladki_v2.min.js
zakladki.ukr.net/bookmarks/js/ 		104 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 14 Aug 2020 10:42:05 GMT
server
cloudflare
age
467535
etag
W/"5f366a7d-19e00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7e839a53cdda35fa-FRA
expires
Mon, 24 Jul 2023 15:43:50 GMT
970x90.png
upst.fwdcdn.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/970x90.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
cloudflare
age
527018
etag
"6447ce22-cd3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce909025-FRA
content-length
3283
expires
Mon, 24 Jul 2023 15:43:50 GMT
top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
cloudflare
age
300050
etag
"51b860f4-140f"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce929025-FRA
content-length
5135
expires
Mon, 24 Jul 2023 15:43:50 GMT
fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Oct 2014 14:11:04 GMT
server
cloudflare
age
290875
etag
"542eae78-1134"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce949025-FRA
content-length
4404
expires
Mon, 24 Jul 2023 15:43:50 GMT
fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Fri, 10 Oct 2014 10:17:53 GMT
server
cloudflare
age
290845
etag
"5437b251-134e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce959025-FRA
content-length
4942
expires
Mon, 24 Jul 2023 15:43:50 GMT
300x250.png
upst.fwdcdn.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/300x250.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
cloudflare
age
527018
etag
"6447ce22-e74"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce969025-FRA
content-length
3700
expires
Mon, 24 Jul 2023 15:43:50 GMT
300x145.png
upst.fwdcdn.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/300x145.png
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 12:57:06 GMT
server
cloudflare
age
589519
etag
"6447ce22-a9f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53ce979025-FRA
content-length
2719
expires
Mon, 24 Jul 2023 15:43:50 GMT
email-decode.min.js
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 16:27:41 GMT
server
cloudflare
etag
W/"64ad82fd-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7e839a53adac35fa-FRA
expires
Wed, 19 Jul 2023 15:43:50 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cecc6536a924ff73d6ef97ed8631cbb08ca12a8bf70b03c348936dc10475cacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47632
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 15:43:50 GMT
v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer
https://www.ukr.net/
Origin
https://www.ukr.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 23:05:42 GMT
server
cloudflare
etag
W/2023.7.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7e839a53eeb4bb4a-FRA
hb_742228_17438.js
player.adtcdn.com/prebidlink/469335/ 		920 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/469335/hb_742228_17438.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jul 2023 12:18:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
722
etag
W/"64b13d1d-398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgE2hjALU1S%2F6IC9YZsrBnh3%2FuzyVmteQ3R8N2chFyyVdlC0JgLE11FNaMgsXEMrsoNhDPNGr9VCRLilJ2XiOlOtKNR625R5QUSBk0Yti3RvN%2Bx9LxSKoEhg%2BuS70CtQ9zNKz92veqE%2F7XkOktAkFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7e839a53fab43666-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 17 Jul 2023 15:46:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b7864973ab663baa7666611d2d528090bbb8e32ab076753d8bc487c4c3cf98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27714
x-xss-protection
0
server
cafe
etag
988 / 19555 / m202307100101 / config-hash: 16548266580857526286
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:50 GMT
wrapper_hb_742228_17438.js
player.adtcdn.com/prebidlink/469335/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/469335/wrapper_hb_742228_17438.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682ba18418904e979cfda0e0c5d6ffd156dd51cc571d34b79e26cb92497b0312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jul 2023 12:18:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
714
etag
W/"64b13d1d-701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ2RwTRioOsT59foJPDhFw66eUiAp12airW%2BU6U26VZGFbXCM%2BzS7L6RjU9MJ5TLy9%2Bzk5OgVSS8PdCq7f6lu%2BoCmteaDe9O9TLO0Yt2ikCgs3kaPZBjTL1lOidVwJh9%2Bq%2FQh0YPvSYqk98244NNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7e839a53fab63666-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 17 Jul 2023 15:46:56 GMT
test
accounts.ukr.net/public/access/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/public/access/test?_=1689608630364
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.ukr.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
access-control-max-age
600
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
x-upstream
4210.10.20.49:5080
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length
2
login
accounts.ukr.net/widget/ Frame EAEB
Redirect Chain
  • https://mail.ukr.net/widget?lang=uk&theme=default
  • https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
  • https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
  • https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
e41b8286cd30e93210a880bd9641dfe13728c8a39e8d2ef8e06b99e81e653e5e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://www.ukr.net/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type
text/html; charset=UTF-8
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Mon, 17 Jul 2023 15:43:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-frame-options
ALLOW-FROM https://www.ukr.net/
x-upstream
4210.10.20.49:5080
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
content-security-policy
default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Mon, 17 Jul 2023 15:43:49 GMT
location
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server
nginx
5ysrIfrF92
go.rcvlink.com/ifr/ Frame C961 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 17 Jul 2023 15:43:50 GMT
etag
W/"63c6f377-3b12"
expires
Tue, 18 Jul 2023 15:43:50 GMT
last-modified
Tue, 17 Jan 2023 19:13:59 GMT
server
nginx
v2
a4p.adpartner.pro/jsunit/jsonp/ 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery30009960692759890364_1689608630353&_=1689608630354
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
89c77a68c6308605f0c358a8362ce1d8a33aeaabf7e72771d9f31b562189b8eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show_json/ukrnet/ 		498 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery30009960692759890364_1689608630355&_=1689608630356
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
560d8a7adbcd2ca1476bd189d1321ab364592a3cc553470d647c2fb91d2df31f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=15768000, max-age=15768000
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
content-type
text/html; charset=utf-8
grey-pix.gif
upst.fwdcdn.com/img/ 		53 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/grey-pix.gif
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
cloudflare
age
290854
etag
"51b860f4-35"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a53dec19025-FRA
content-length
53
expires
Mon, 24 Jul 2023 15:43:50 GMT
pinformer4.php
pinformer.sinoptik.ua/ Frame 8001 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
bacfcbb68c130c22ebf5752c243cdb05556361f9d18ffc48958df84b5bf9f34a

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300, must-revalidate, proxy-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Mon, 17 Jul 2023 15:48:50 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
ukrnet_ua.html
kinoafisha.ua/widget/ Frame 7CDB 		336 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
bcbb887a49e2e8186873fcec86a737765e754dd8c1baec61de458c565bbf3062

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=315360000
content-encoding
gzip
content-type
text/html
date
Mon, 17 Jul 2023 15:43:50 GMT
etag
W/"64b55770-53f6f"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 17 Jul 2023 15:00:00 GMT
server
nginx
ukrnet2.js
trafmag.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trafmag.com/ukrnet2.js?callback=jQuery30009960692759890364_1689608630357&_=1689608630358
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
trafmag.com
Software
nginx /
Resource Hash
601f13b2bff45c42d8ba8fc2310215b73d1b5bc75831edb41ed9c65ea70ab739
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
application/json; charset=utf-8
date
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
p3p
CP="NON DSP COR CURa TIA"
1119189
servicer.mgid.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1119189?callback=jQuery30009960692759890364_1689608630359&_=1689608630360
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
695bb206a26afcd4f41fa1559ed7a45d2edb1e1e5c7293faa4fee6f122a0b9a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7e839a543c7606c0-AMS
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
cnt.php
counter.ukr.net/c5/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/c5/cnt.php?rand=0.8365698996005375&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Mon, 17 Jul 2023 15:43:49 GMT
cnt.php
counter.ukr.net/aid/portal/ 		312 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/aid/portal/cnt.php?rand=0.24142731218522995&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
7ee6e3885e07c30b95831227b0923f25b37b79ae5c410119604ea611d0b9eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Mon, 17 Jul 2023 15:43:49 GMT
cnt.php
counter.ukr.net/lid/329/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/lid/329/cnt.php?rand=0.04220329279451063&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Mon, 17 Jul 2023 15:43:49 GMT
/
loadercdn.net/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?u=42ad7db4a832fd22&d=www.ukr.net
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Jul 2023 15:43:50 GMT
server
openresty
hbw_master_742228_17438.js
player.adtelligent.com/prebidlink/KRZJ2/ 		145 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_742228_17438.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/469335/wrapper_hb_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a822a07bc8c87cfe5c2285baeb80c3ae28c243bf4bc7d72528d9a85286c5a947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 19 Jul 2023 15:43:50 GMT
date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Fri, 14 Jul 2023 12:18:37 GMT
server
nginx
etag
W/"64b13d1d-245db"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbp_master_742228_17438.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 		476 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/469335/hb_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6ead895cb3613763285f4634945adac321c91a5b1beb7f8ab99bae94c0b6d8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 19 Jul 2023 15:43:50 GMT
date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 14:12:30 GMT
server
nginx
etag
W/"64a81d4e-76f7a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
start.json
www.ukr.net/ajax/ 		69 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/ajax/start.json
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e415e81bd7b165b05302768ecc9dc128d912de51c5fba371191a17dfa14d14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
cf-ray
7e839a542e6235fa-FRA
x-xss-protection
1; mode=block
swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame 8001 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 13:04:12 GMT
server
nginx
etag
W/"5f620d4c-2deb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 16 Aug 2023 15:43:50 GMT
swPortal4.js
pinformer.sinoptik.ua/js/15/ Frame 8001 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 14:54:44 GMT
server
nginx
etag
W/"5f622734-1cc1f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000, public
expires
Wed, 16 Aug 2023 15:43:50 GMT
t.gif
pinformer.sinoptik.ua/img/ Frame 8001 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/t.gif
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Thu, 23 Oct 2014 10:32:30 GMT
server
nginx
etag
"5448d93e-2b"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
43
expires
Wed, 16 Aug 2023 15:43:50 GMT
2_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8001 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/2_0.jpg
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-6e1"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1761
expires
Wed, 16 Aug 2023 15:43:50 GMT
/
www.ukr.net/sinoptik/102940512/ Frame 8001 		0
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/sinoptik/102940512/
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1689608630381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 17 Jul 2023 15:43:50 UTC
server
cloudflare
etag
"51b98b6a-0"
content-type
application/x-javascript
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges
bytes
cf-ray
7e839a54cf2035fa-FRA
content-length
0
expires
Mon, 17 Jul 2023 15:43:50 UTC
truncated
/ Frame 7CDB 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
1
go.rcvlink.com/cs/1/ Frame C961 		34 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d445f6aae563afe37a62399d1df77e4d6fbc82e0efdaaebc1b8cafdd7397bc94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b14
cache-control
private, max-age=315360000
expires
Thu, 14 Jul 2033 18:43:50 +0300
1689608630476.html
www.ukr.net/view/main/98632949,114,939,877,26,118,171,10,350,24,36,92,252,51,36,100,22,26,1,58,1,1,11,5,3,45,17,7,21,10,33,7,2,14,8,7,7,10,4,4,1,2,2,2,3,1,5,6,2,1,4,6,7,5,7,7,4,6,2,2,10,2,9,3,7,2,6... 		0
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/view/main/98632949,114,939,877,26,118,171,10,350,24,36,92,252,51,36,100,22,26,1,58,1,1,11,5,3,45,17,7,21,10,33,7,2,14,8,7,7,10,4,4,1,2,2,2,3,1,5,6,2,1,4,6,7,5,7,7,4,6,2,2,10,2,9,3,7,2,6,1,5,1,9,5,2,8,5,3,1,1,13,29,3,14,3,2,13,8,17,6,9,10,9,7,11/1689608630476.html
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ukr.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
cloudflare
etag
"51b860f4-0"
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
text/plain
accept-ranges
bytes
cf-ray
7e839a547ec535fa-FRA
content-length
0
x-xss-protection
1; mode=block
top_links.png
upst.fwdcdn.com/img/1688553803/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/1688553803/top_links.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1688553803/top_links.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3013a50365c22fe15e0bce332967f9ebe8d86d5062032531f1621a1f558ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/1688553803/top_links.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Thu, 25 May 2023 08:51:03 GMT
server
cloudflare
age
449951
etag
"646f2177-b24"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a549f9c9025-FRA
content-length
2852
expires
Mon, 24 Jul 2023 15:43:50 GMT
icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 		395 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
cloudflare
age
290875
etag
W/"6076e064-18b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
cf-ray
7e839a549f9d9025-FRA
expires
Mon, 24 Jul 2023 15:43:50 GMT
icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 		461 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Apr 2021 12:30:28 GMT
server
cloudflare
age
290875
etag
W/"6076e064-1cd"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
cf-ray
7e839a549f9f9025-FRA
expires
Mon, 24 Jul 2023 15:43:50 GMT
dot.svg
upst.fwdcdn.com/img/portal/main/ 		650 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
290926
etag
"637656b5-18e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a549fa29025-FRA
content-length
398
expires
Mon, 24 Jul 2023 15:43:50 GMT
arrow.svg
upst.fwdcdn.com/img/portal/main/ 		233 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
21421
etag
"637656b5-bc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a549fa39025-FRA
content-length
188
expires
Mon, 24 Jul 2023 15:43:50 GMT
csp-blocked
accounts.ukr.net/ Frame EAEB 		2 B
99 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/csp-blocked
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

x-upstream
42, 42127.0.0.1:8082
date
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
content-length
2
content-type
text/html
bundle.css
accounts.ukr.net/widget/login/css/ Frame EAEB 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:08:03 GMT
server
nginx
etag
W/"64ac02b3-2c24"
content-type
text/css
x-upstream
4210.10.20.48:5080
cache-control
max-age=1209600
expires
Mon, 31 Jul 2023 15:43:50 GMT
bundle.js
accounts.ukr.net/widget/login/js/ Frame EAEB 		161 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/bundle.js?685b5aa7
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
acdcabb3f770b00e5ffe2e7b60c669fe93eb0ca9cdb659f7bcb65e3bba91821a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:08:03 GMT
server
nginx
etag
W/"64ac02b3-285c8"
content-type
application/javascript
x-upstream
4210.10.20.49:5080
cache-control
max-age=1209600
expires
Mon, 31 Jul 2023 15:43:50 GMT
m_25jg4nn1.jpeg
kinoafisha.ua/upload/2023/06/films/10073/ Frame 7CDB 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2023/06/films/10073/m_25jg4nn1.jpeg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
b2bece48e51af926e302a0b71c336ea9ddb958f574fffd615e2535bcc04c1488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Tue, 27 Jun 2023 16:04:43 GMT
server
nginx
etag
"649b089b-443b"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
17467
expires
Mon, 24 Jul 2023 15:43:50 GMT
m_25jf18nggero-zolotih-masok.jpg
kinoafisha.ua/upload/2023/03/films/10015/ Frame 7CDB 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2023/03/films/10015/m_25jf18nggero-zolotih-masok.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
7d0d8bb221d441ab2cb441d5dc940f5476ddb3145a7d41aabfe4a09439b2c18e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Tue, 27 Jun 2023 10:58:13 GMT
server
nginx
etag
"649ac0c5-67d3"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
26579
expires
Mon, 24 Jul 2023 15:43:50 GMT
m_259urw6s.jpg
kinoafisha.ua/upload/2023/04/films/10031/ Frame 7CDB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kinoafisha.ua/upload/2023/04/films/10031/m_259urw6s.jpg
Requested by
Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
9d6aaa3f6f1f87c92430336a9cf099b383626f0d6ca9a3ba23996b5f5f53263c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1689608630383
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Fri, 21 Apr 2023 12:47:33 GMT
server
nginx
etag
"644285e5-527d"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
21117
expires
Mon, 24 Jul 2023 15:43:50 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5ef6b824d904ac5242d272b7fc78612e7a70c7721a3fe39e48e378fcf9d2331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85708
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 15:43:50 GMT
cnt.php
counter.ukr.net/advert/adv/portal/ 		1 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.24142731218522995&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by
Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.24142731218522995&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Expires
Mon, 17 Jul 2023 15:43:49 GMT
runtime.js
upst.fwdcdn.com/js/ Frame 8001 		408 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/runtime.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:47 GMT
server
cloudflare
age
6639507
etag
"637656b3-1e6e9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e839a5548709025-FRA
content-length
124649
expires
Tue, 16 Jul 2024 15:43:50 GMT
/
go.rcvlink.com/bdto/5ysrIfrF92/ Frame C961 		0
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp7Z7tPbuGzz3h4&ver=230117-2113&w=200&h=0&vw=200&ms=136.2&me=0&ref=&
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type
application/javascript;charset=utf-8
hn
b24
cache-control
no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin
*
expires
Mon, 17 Jul 2023 18:43:50 +0300
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
26168
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127471
x-xss-protection
0
server
cafe
etag
16392902606907886609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Jul 2024 08:27:42 GMT
ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8001 		149 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-95"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
149
expires
Wed, 16 Aug 2023 15:43:50 GMT
term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8001 		389 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-185"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
389
expires
Wed, 16 Aug 2023 15:43:50 GMT
s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame 8001 		185 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv151.fwdcdn.com
Software
nginx /
Resource Hash
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
last-modified
Wed, 07 Sep 2016 08:07:52 GMT
server
nginx
etag
"57cfcad8-b9"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
185
expires
Wed, 16 Aug 2023 15:43:50 GMT
/
ghb.adtelligent.com/geo/ 		132 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
0e3d7902609430e2b5f87914e061e99debec0ee68f09d9618b3426aea7c6dadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
132
tracking
ghb.adtelligent.com/adunit/ 		43 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=71cr4f.el&features=81952&vpbv=A160&lifecycle_tte=684
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
go.rcvlink.com/err/ Frame C961 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/err/?code=5ysrIfrF92&ver=230117-2113&ms=185&text=!responseText&ref=
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx / PHP/7.4.33
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

hn
m1
date
Mon, 17 Jul 2023 15:43:50 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.4.33
content-type
image/gif
config.json
player.adtelligent.com/exchange_rates/742150/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7043a5da7152e40c7135ffa477bf64c6094206a44a765a561575c9894be24c10

Request headers

Referer
https://www.ukr.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 19 Jul 2023 15:43:50 GMT
date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Sun, 16 Jul 2023 12:02:29 GMT
server
nginx
etag
W/"64b3dc55-8ae"
content-type
application/json
access-control-allow-origin
https://www.ukr.net
cache-control
max-age=172800
x-proxy-cache
HIT
z
s.znctrack.net/ Frame E798 		102 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.znctrack.net/z
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
352ed8d2fe26386602833203f937db8aca40903636bca0388fbe80b89f5eee9f

Request headers

Content-Type
text/plain;charset=UTF-8
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
get
accounts.ukr.net/api/v1/cai/browser/ Frame EAEB 		107 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/cai/browser/get
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?685b5aa7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
8682c7dff8e6c00f6ac4b9e466aa97da31ab37209bdab4c2e26c65fd0047c91a

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

expires
Mon, 17 Jul 2023 15:43:49 GMT
date
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
content-type
application/json
x-upstream
4210.10.20.49:5080
cache-control
no-cache
content-length
107
x-served-by
127.0.0.1:10000
collect
region1.analytics.google.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je37c0&_p=498746906&_gaz=1&cid=634404049.1689608631&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689608630&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=634404049.1689608631&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=634404049.1689608631&gtm=45je37c0&aip=1&z=36561780
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame EAEB 		58 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?64280814ffe96cfa63b8
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:08:03 GMT
server
nginx
etag
W/"64ac02b3-e602"
content-type
application/javascript
x-upstream
4210.10.20.48:5080
cache-control
max-age=1209600
expires
Mon, 31 Jul 2023 15:43:50 GMT
html5objects.js
upst.fwdcdn.com/js/ Frame 8001 		555 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upst.fwdcdn.com/js/html5objects.js
Requested by
Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pinformer.sinoptik.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2017 14:33:19 GMT
server
cloudflare
age
23878440
etag
"59380eaf-21ee1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e839a5639b89025-FRA
content-length
138977
expires
Tue, 16 Jul 2024 15:43:50 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Jul 2023 15:43:50 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		277 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3130609428463294&correlator=1737458465565215&eid=31076167&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&adks=3371586687%2C216364347&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1689608630797&lmt=1689608630&dlt=1689608630272&idt=489&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=1600x4852%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=634404049.1689608631&ga_sid=1689608631&ga_hid=498746906&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbb79754b71375ffb819af902c7f8302db509bfe827bf585650290ffc71e8855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58912
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F740 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
acquire
accounts.ukr.net/api/v1/token/verification/ Frame EAEB 		27 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by
Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?685b5aa7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
frvdc-253.fwdcdn.com
Software
nginx /
Resource Hash
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

x-upstream
4210.10.20.48:5080
date
Mon, 17 Jul 2023 15:43:50 GMT
server
nginx
content-length
27
content-type
application/json
truncated
/ Frame 8001 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8001 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame 5599 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
server
Kestrel
server-processing-duration-in-ticks
291217
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
icon-top.svg
upst.fwdcdn.com/img/portal/main/ 		525 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
290930
etag
"637656b5-13e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56ea9c9025-FRA
content-length
318
expires
Mon, 24 Jul 2023 15:43:50 GMT
bg-main-static.png
upst.fwdcdn.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/bg-main-static.png
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 10:54:06 GMT
server
cloudflare
age
588701
etag
"5ea80b4e-2962"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56ea9d9025-FRA
content-length
10594
expires
Mon, 24 Jul 2023 15:43:50 GMT
favorites.svg
upst.fwdcdn.com/img/portal/main/ 		673 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
290692
etag
"637656b5-16d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56ea9f9025-FRA
content-length
365
expires
Mon, 24 Jul 2023 15:43:50 GMT
regions-star.svg
upst.fwdcdn.com/img/portal/main/ 		830 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
591471
etag
"637656b5-1d6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56faa39025-FRA
content-length
470
expires
Mon, 24 Jul 2023 15:43:50 GMT
currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
age
290812
etag
"637656b5-be5"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56faa89025-FRA
content-length
3045
expires
Mon, 24 Jul 2023 15:43:50 GMT
arrow.svg
www.ukr.net/img/portal/main/ 		233 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ukr.net/img/portal/main/arrow.svg
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
467321
content-length
188
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 15:43:49 GMT
server
cloudflare
etag
"637656b5-bc"
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56fa4335fa-FRA
expires
Mon, 24 Jul 2023 15:43:50 GMT
orakul-sprite.gif
upst.fwdcdn.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by
Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/6/portal/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://upst.fwdcdn.com/css/6/portal/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2013 11:52:20 GMT
server
cloudflare
age
290799
etag
"51b860f4-1ad2"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
https://www.ukr.net
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7e839a56faad9025-FRA
content-length
6866
expires
Mon, 24 Jul 2023 15:43:50 GMT
sid
mug.criteo.com/ Frame 5599
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=YEvJK3xlSngyenY2Qmt5cEF0Ni9YQ1MrTFZoYkNNNVdRdlV6UzNBTlp3UlJuRjM1U0t5bTRyVnR4aWl4NUNZYlFkQkErblA4bkhLS0dTMS83SVpCS09FWHpSeENRd0ZIMlQ3bUYyM0lkQ3Jrb20zT0tocnB3RUkycjl0OG...
425 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YEvJK3xlSngyenY2Qmt5cEF0Ni9YQ1MrTFZoYkNNNVdRdlV6UzNBTlp3UlJuRjM1U0t5bTRyVnR4aWl4NUNZYlFkQkErblA4bkhLS0dTMS83SVpCS09FWHpSeENRd0ZIMlQ3bUYyM0lkQ3Jrb20zT0tocnB3RUkycjl0OGZxT2hNenBTNjFheXJ0ZkFET0RvYmFacjNzczJ0S3FZQU9TRExwVnZRQzJnOU56ejd4cG9ibldQNS9UWWtnT2k2dnZaVUROdWQ2eUV6eVN0Sk5JeEZQclV0K1k3VUZxMEpDNXpyYkFiZDdYaEw0YzhpU1F0KzNueXNDOGlZY3lWZWFOaitheVR1NzlTeWtpNmxxUEp4K3hsNXJMdGE2Zz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0ed2174019dc61fe770773eceb5e892dbeb2db35671dc22c3a4f561eb37609cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4095367
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=YEvJK3xlSngyenY2Qmt5cEF0Ni9YQ1MrTFZoYkNNNVdRdlV6UzNBTlp3UlJuRjM1U0t5bTRyVnR4aWl4NUNZYlFkQkErblA4bkhLS0dTMS83SVpCS09FWHpSeENRd0ZIMlQ3bUYyM0lkQ3Jrb20zT0tocnB3RUkycjl0OGZxT2hNenBTNjFheXJ0ZkFET0RvYmFacjNzczJ0S3FZQU9TRExwVnZRQzJnOU56ejd4cG9ibldQNS9UWWtnT2k2dnZaVUROdWQ2eUV6eVN0Sk5JeEZQclV0K1k3VUZxMEpDNXpyYkFiZDdYaEw0YzhpU1F0KzNueXNDOGlZY3lWZWFOaitheVR1NzlTeWtpNmxxUEp4K3hsNXJMdGE2Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
267864
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32948ef4f1bb2a40f6effe07bb32411761cc5f72ac9bef20597f041c723bcf4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11819
x-xss-protection
0
rum
www.ukr.net/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ukr.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ukr.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Jul 2023 15:43:50 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.ukr.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7e839a574aab35fa-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Jul 2023 15:43:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 522C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 13:42:50 GMT
expires
Tue, 16 Jul 2024 13:42:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B2BE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1ba8f8220774d9214ce4e928fb54ffde4335550a67ebadbf2ae7f1111cbc1cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-upaqiQIuMcYUv-8MqmfWpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-upaqiQIuMcYUv-8MqmfWpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:51 GMT
expires
Mon, 17 Jul 2023 15:43:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame 522C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
77083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 18:19:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B2BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=3130609428463294&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 522C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?v8NA9w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3130609428463294&correlator=2795998620640715&eid=31076167&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&adks=2774844501%2C3317177319%2C3449700283&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1689608631254&lmt=1689608631&dlt=1689608630272&idt=489&adxs=995%2C995%2C995&adys=196%2C1138%2C2119&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=634404049.1689608631&ga_sid=1689608631&ga_hid=498746906&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c8b511f903f4c992ec4a90adbc7a66bdd6253ca7b6e1a00c8ca6ce92399c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33421
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ukr.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csyncs
ghb.adtelligent.com/ 		705 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=463288
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
07991868a4cb6968052828c9278562e7a0b6ea7f38e4634bf6c5b6052f0ca259

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.ukr.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
381
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=782d48d4-a500-446e-b426-c05fd62bb0de
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=782d48d4-a500-446e-b426-c05fd62bb0de
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:51 GMT
Server
Adtelligent
Etag
e39c395feb3f2885
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=782d48d4-a500-446e-b426-c05fd62bb0de
date
Mon, 17 Jul 2023 15:43:51 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Jul 2023 15:43:51 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=e39c395feb3f2885
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=e39c395feb3f2885
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 17 Jul 2023 15:43:51 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=e39c395feb3f2885
Date
Mon, 17 Jul 2023 15:43:51 GMT
Server
Adtelligent
Etag
e39c395feb3f2885
Content-Length
0
sync
cookies.nextmillmedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.62.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-62-28.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15BA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB7F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 15BA 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 15BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 15BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 15BA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15BA 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:51 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 15BA 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
css
fonts.googleapis.com/ Frame CB7F 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 15:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 15:17:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 15:43:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame CB7F 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame CB7F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
22566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame CB7F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame CB7F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB7F 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:51 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame CB7F 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 15BA 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQp0Yq8atKy6k2-KYj9xDhLhod0tGAqzLDQv5CprHvi49LGfY1joRVEf9xWcUw&usqp=CAI
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd8e67d46817861c637724c861ad39fd7e8247caf31d309af6e899ff60e7586b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:22:42 GMT
x-content-type-options
nosniff
age
26469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30787
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 04:30:01 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 16 Jul 2024 08:22:42 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 15BA 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRLXixi6Fjh27OkbqrqrEQubIHkAZ1TAkbI6ouSNwL69iREzVMEWyZ7ynynxg&usqp=CAI
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9059e2468fad1795e13b94ab9151f00aec37d0886cd142a3ad857cf9f346347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:09:23 GMT
x-content-type-options
nosniff
age
146068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26990
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 12:08:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 14 Jul 2024 23:09:23 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 15BA 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT8YbMLgLYyOWbW85VzWjKr2cprIvVtzxGtEUlogewYx2Tu_2tQtmEytqdNOKE&usqp=CAI
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76fbdf789f3e73c225f980ae443d9d41d78fb41883e1d3e2db5020de8693ada6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:05:38 GMT
x-content-type-options
nosniff
age
347893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23301
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 08:56:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 12 Jul 2024 15:05:38 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 15BA 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTaQFdIOZ9eKWYauMmUTWZt_ShXLRp_-6IeqaAZ1RCKMqLGz6LNmGA-y9tHqg&usqp=CAI
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e912889862f3fc7ab971c4401fb00ff6a745158ea04c1c7dc692da663efd677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:44:06 GMT
x-content-type-options
nosniff
age
532785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22897
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 04:53:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 10 Jul 2024 11:44:06 GMT
1033797424505648827
tpc.googlesyndication.com/simgad/ Frame 15BA
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODioMzjRBDQDxj0AzIIeAKtVjyZlu8
  • https://tpc.googlesyndication.com/simgad/1033797424505648827
46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1033797424505648827
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612cbc1ad76f7fed3e2fb5412bec3c578638ce5c1207ff864770c108b7dd365e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:44:34 GMT
x-content-type-options
nosniff
age
345557
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47086
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 15:45:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 12 Jul 2024 15:44:34 GMT

Redirect headers

date
Mon, 17 Jul 2023 11:47:44 GMT
x-content-type-options
nosniff
server
cafe
age
14167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/1033797424505648827
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 11:47:44 GMT
15227438869558540839
tpc.googlesyndication.com/simgad/ Frame CB7F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15227438869558540839?w=100&h=100
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d7ed474724491baa8d35de515636654c66eb3143e9faec370324ea7973b15a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:03:11 GMT
x-content-type-options
nosniff
age
189640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3235
x-xss-protection
0
last-modified
Mon, 08 Oct 2018 18:49:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Jul 2024 11:03:11 GMT
truncated
/ Frame 15BA 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6843283af14d595bc04e2e6b2ec8c6e3488a95bfa73c4099b8e073d0b69c6978

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CB7F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92dba006cabf41eb6c946286123f214b6653c6b883a0a76b387a134d879c0579

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 15BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwoa3tmG1ZPn5M5fPgAe6jKDQDuWpz8Nx4orfptERhvu5m585EAEg55_DmQFglYKAgLQHoAGa0N-pKcgBCakCSfQh7IjZsj7gAgCoAwHIA8sEqgT_AU_QI_OQsiDbfiX77KjPTOAUWB3W_ztihuBf_oTKx0TKUlBeKSmAX20p8DAwk9toyNL61vwQl8J2XPoYgcAPjeHJ_5tzfcT9aeI9xN4FKeyyv8b9a36_vbuDws6Q0zT21uLUT5teE-PQyg0ZhBNmoGK0_Tx9VqgCfPJSFXXslCaqPIbnNJQBNwkBfCxGvC3Oz9P2pyOpQ7xcUHfF5fKWlUJE9nT0cKWYI7aVve6Yv54tL5DxlW7-YCfSDv8gS08VOTPaGNALvPYXN6kUIAM7mGsfnk1kdFosrOAtYfMvTMwpnvAnaIfhyERetzkyuvjp0zQn_D6K7zwEi5n__YTeFcAEm7Oz16EE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5qIsIkEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEM6HFtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwvQFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=DIKJFwcDbI4&uach_m=[UACH]&cid=CAQSTABpAlJW99R3FlDrzn8CmdHOlHPI47MKzmXyo931nVxBosV1wTRlBjvA7XIXSUU0JJgElTQMdXnxuq_BeVpt253xSVVzeCnXbKFrUk8YAQ&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame 3167 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
77083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 18:19:08 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CB7F 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options
nosniff
age
506074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 19:09:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CB7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcOpotmG1ZLT8M5fPgAe6jKDQDremuJVvhoHrrtARZBABIIjZs5gBYJWCgIC0B6ABhZ7evQPIAQmpAkn0IeyI2bI-4AIAqAMByAPLBKoE_wFP0J-8WaQL0XmTcUhBbZP3-TW3rv9PSwz393gnVhtMiZlpSC-yZqq1a_zAsi5aWd_zLqm8n872WNYH0XBpX6HlX8BJ3xGEA6tkf6nRJDm0_HR4BWvuenfh43JKIPwdiTV8WNsuwKaxYFMXkU04ZkwpsdqoSR0ItMaXd4gwUU6uDaUAuNchJqJMSUOlwlXPxVoHQowSjC_meit_da7xmr8s1gKD-se3bJaZotxObofY7-Zbb4i9Zg5XHkxk1-WN_1vhgmXVf0_lGv3jPaSPOoFHl4pNwKZjyucthboh-3Ppge-iWGY5ZJ23K0AFvlJ5hs6Apq9LQ6hjUUbD5qUHjM7ABN6jw5WcBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfj4aFCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_MQD0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAcgLAZgMrffPjKEEuBODBNgTDtAVAYAXAbIXHwodCAASFHB1Yi03MDA1ODEzNDExODc5MDA2GN-2kAE&sigh=lYSKszYSuWk&uach_m=[UACH]&cid=CAQSTABpAlJW99R3FlDrzn8CmdHOlHPI47MKzmXyo931nVxBosV1wTRlBjvA7XIXSUU0JJgElTQMdXnxuq_BeVpt253xSVVzeCnXbKFrUk8YAQ&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame FBA5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
77083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 18:19:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307100101&jk=3130609428463294&bg=!t7SltODNAAb90kgr3dI7ADkAdvg8Wr8Ohltqd-7vXqdAngLylaOVPlNcr2KeObJyPbz7mTLoEd-L4X9B_OmCph9xeGorRqwhWo8CAAAASlIAAAAGaAEHCgAt3_JqK8kiMfQbVzZDaDzTzVe7W80bncNYh2qSvMgoxMT1DznmY7nJagKZPROkmQKs0w7sKop4KXN3ztwTY6MJXXcdglLnIGFlBat3Wxf-xWuXY-w9lJzp1Pj8UVK0wv-HjEvE_1XtiIBiVDKMY7fUOpUQ2jHT_DQpTfWZ-J9QlsBBadT7fH5GyCXc7sUs4cZI3LSkuzG9epit9R1VvPiNLYorKGN6iecxAWuNdEpxVSTh7ZDk_YaATJu2DC5pFi5Wb_wZeJ8Wc2WC-Cu409kBUgrylWYAqT9szmh1WuALUVtsiLoU8qUe35lVC7CKAwMQjcswti0yYbfPUD1TH6Ok6oTRsipoGhCdidKNNw_aSfkbL6Qs3t4PomvzELoF4NCUtnDFTqOu1H4hOcbGc0IzMxTP8vRscrY63YF4VI0TI-TKGkboZScPhekaJe_9NFSRnVR7_rZnPnR_9Ze925M19rZYIjNewAx7R6lwAoorkblckhk3lggBGRu1A02D-cQb6M3HItYP2rGdAkp8uGIvB3ANNSvvE_6A616PKVg9NcJ2PJN_3nj4F580LMfxLExHNO1sdamutGgHVlaIgetxVxHT-6R5vJSnRETeBw2O9dfTVtqzNyJysAzQO2lmshIaVKPCrRfoOIIAqZOCik2gCsvtnh9QemT9nhsBt-m34XNRoTaIS_w9XMNEHXD9s62IFfgRxK5bZqE0by7zduBkPjwOCWxk6KO4hacHllc3E52CLO6ZmkGmpRJtao9Vafnl4zbNvQXHsaIyRf-oaoWOPp-OEeRpMVAtJL0e3uDMrG4bzM7kMDJodD9pYN-TptUgr3g4eUV14BLi8eEeWTCavJA03yj0n7VeAOsGVamiI2buZlbZ9-fVYKspkOZNhsddHxQFpl0X-dN34y9VF_dzLLNL3LwwPMFEcGqyWhoEAXvPRKZmCw-1gH40WvpYsuXmOe8e0DMm6ABKI14H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ukr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
multitracking
ghb.adtelligent.com/adunit/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_742228_17438.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ukr.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.ukr.net
Date
Mon, 17 Jul 2023 15:43:51 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB21 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D556 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 876D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ukr.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:50 GMT
expires
Tue, 16 Jul 2024 15:43:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame EB21 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 17:10:51 GMT
age
426781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"f919e19544cf979d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 17:10:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame EB21 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jul 2023 08:54:25 GMT
age
110967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 15 Jul 2024 08:54:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame EB21 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 16:18:55 GMT
age
429897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 16:18:55 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame EB21 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 18:03:18 GMT
age
510034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"b82574a955fb50a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 18:03:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame EB21 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 16:18:58 GMT
age
429894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 16:18:58 GMT
css
fonts.googleapis.com/ Frame EB21 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 13:55:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 15:43:52 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EB21 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:05:19 GMT
x-content-type-options
nosniff
server
cafe
age
77913
etag
14587847488922671356
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3073
x-xss-protection
0
expires
Mon, 17 Jul 2023 18:05:19 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EB21 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 19:03:49 GMT
x-content-type-options
nosniff
server
cafe
age
74403
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 17 Jul 2023 19:03:49 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame ACEE 		199 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b8e69d8d3e8752863d65775e3a050dfb320a38606cf61f121ee0de6cd6b5d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xAi3rz4PmO_g3JnoR71uEqfhfdD4emSSYICnXjTAtmL1gDIirmI_jiHK72OPoFR-mxIWNKt3RsHO631p5-sPttIBS1p2TO60bLsqn-iKR_UupFKAekBs2CmDXzOdeXjiZf9ccCKohCh-bO0vBy69ytaZ2upR9DYNIuzXB-WDx5Dzkisly66NDWZq1BruoCjULkGk-agD9iYhxsv_PLEWOdOHHBCEfX1PgK-2Nv6OCYze-398TIsmFN03yZgpbLlY7JN_0A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
73883129
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D556 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D556 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D556 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 12:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
445261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 11 Jul 2024 12:02:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D556 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0175 		624 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:52 GMT
expires
Mon, 17 Jul 2023 15:43:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 876D 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 876D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BC8vTRBUVIMYDBtPcJqOJ-P1X7RliLIxGJni9Fg9DfZG8JbNeUzncoHBTVK-fApOjEy9Q9bhuAb9oYQeuzB2jU6fRvmz3_IM_ekr6pnecp0su3JjM
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 876D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17204795879783190499&x=1&ct=77
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 876D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 09:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
23413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 09:13:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 876D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 876D 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 15:43:52 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14107506884401817436/ Frame EB21 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14107506884401817436/2076313506083323656
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7c6220e6826ddc014f0c6ef22d5b8d3cc08d099e25e71599738b9332bd7b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 22:27:49 GMT
x-content-type-options
nosniff
age
234963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45256
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 11:10:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 22:27:49 GMT
truncated
/ Frame EB21 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
818d58b19c8d7880927275783aa49da7573cdfa7c47ebfdf3ef062805b5827ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame EB21 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058dc554b168867a3dcdf1ae0f5b4918f189116207b5a76393496fc886f7d92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB21 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options
nosniff
age
167977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB21 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 15:24:53 GMT
x-content-type-options
nosniff
age
173939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 15:24:53 GMT
truncated
/ Frame D556 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e106e93dea77a8f23a94d289525ae1a5a0402d81bddcc081fe6c284600bace95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame D556 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C79OZt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBI4CT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW-3VptQVcBDEOh9ALZCkCi3UDPyCVDTqBgjL0kcRJo9_nQgrY4434AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAQ&sigh=cEJw0rneXQo&uach_m=[UACH]&cid=CAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ&cbvp=2&vis=1
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D556 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k7WUEsz6RKwCkAOdg2ICAgAAAFlrMwbd4PIqcNRnexU8j5wQtmG1ZKlubeDqauNz9iUAABIAAAoKQVFVREFRRUJBUQ&wp=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&cbvp=2
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
151902
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 0175
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jul 2023 15:43:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jul 2023 15:43:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 0175
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLVhuMtonAIb8fULe-NDGwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jul 2023 15:43:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAttqqrZBU7RZtP32-p94sY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 0175
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENRPAsj7RwqlRfPMoi3qT9w&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENRPAsj7RwqlRfPMoi3qT9w%26google_cver%3D1
43 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENRPAsj7RwqlRfPMoi3qT9w%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
an-x-request-uuid
c3fc8db2-5e0c-4679-9eef-7c089d43d6f8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.58.247; 37.58.58.247; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
an-x-request-uuid
f3814470-6998-470c-a358-d29105a8eb8a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENRPAsj7RwqlRfPMoi3qT9w%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.247; 37.58.58.247; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0175
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMzIzNzM2ODE2NDg2ODIx
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMzIzNzM2ODE2NDg2ODIx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUVl9SKdFRctxS4AZdmaMRktQkaNgjwchPFAhKix_ddicQCcUX9BVOonUSTEJ9tYE8wjTK6bRBW0dtdX3OYyEEw0ICM5Yz7CVamEeFa4mVH-BRZYHnbUW5jUScULWayo5ziEegVnn-bG_eT5YlSt0SZz2AYYjA7kIfe5H5kpONCqyf_sB4
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
an-x-request-uuid
f5d0b78f-3dc6-4ea1-aaef-35423cf7dfcf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTExMzIzNzM2ODE2NDg2ODIx
x-proxy-origin
37.58.58.247; 37.58.58.247; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame ACEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame ACEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame ACEE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 11 Jul 2024 15:43:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame ACEE 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 11 Jul 2024 15:43:52 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame ACEE 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WnEVwzmq6wKaggjqOhCnjftBqtLJXNM5q75SwhD9PX6g0YjicmLPd9WvVu09MU8cs_KfKKmcdZvy8nF-R22Fn1GLvNPRPMpUEtAOAWUdLEoSwBq--QgDHkwjiVnOlnRC_tJdRPxhhpJeelbpuOvjoTgXAhXyg1fFOp3SJ_-b7owEKqnETUmSuJyaNTgiC-ZDw-cnF0a5fI4cyoJ0DoQNt8M5gqBLbIXWdNcYYlQz3R3DGhtn6wi1ov_whcpnetZn_gD3bU-hWldHahgiUiFjIZ3Qj4CmPfkGtIn0hUuBeBW1hwNLV3nrbJZGcp6xrViZSkrl1wc2DVnB32ybMQyH8bHjjxU-KGxKUeYNVaBAEoXthdEQ63rFNGoufAKvT8bkShRlXmYzCKJoZVDehWHfhOM08l15ij5DqFdOCiA9h13PyGmRKz0yaftGP0uRb2GHzasDzQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2651135
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ACEE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
141955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlvhlYh3PPmbcKwVU3A2eqyQi96l7LC9rMjLDM15Va03%2BYYSedRbXQe1m5fjv08ayt8SxA5qCGB7U2HGgHn%2BTlvdlx0ZNZ%2BlJyo2FLEwhx2Aqs%2BqjSewZcY%2B0vr4%2F4fOOErZBEjdte82DKGDXOgFz9rX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e839a621db391e7-FRA
expires
Sat, 06 Jul 2024 15:43:52 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EB21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CML5Jt2G1ZKXaEsyYgQeV4LOYAd6WqM5x0oWLhtgR29keEAEgiNmzmAFglYKAgLQHoAGn0pyHA8gBCeACAKgDAcgDCqoEgQJP0JRziPhFx7CI8huWHh7GCyLlo4QcTKNuprFXXHCpjrlbT_SqN9I1u2rtWx2MhEqszWypZYuEHMV2oPv6PJJn1aaGGwe5MOdmBvtTQl4ciKoQtQmV7mzsLV80wcxhbne1zGj2yeD2ACjoNso3NyjtceVtufSsG93yL08ssxGYmS2xXyF9jKcz6IgM_HKqS1d13FaOmGdklOvJmy3jLZ_RD_bIzZoK88zbWWMbMdKO547Tb3mS-nzIsxd6Oyv_rTEWLQMPxxHOIzraytx4F-yNf8kTHi3bBVF8COGlZNcZjReKBZm-w9kCinhFJnpuYyS1LYxjfdiPLPKw4-1K9_pDd8AEopLB47AE4AQBkgUECAQYAZIFBAgFGASgBi6AB8Gt43ioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDSgBHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHwodCAASFHB1Yi03MDA1ODEzNDExODc5MDA2GN-2kAE&sigh=9YFA9tQTk3w&uach_m=[]&cid=CAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 876D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4506099193110&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 876D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4506099193110&version=m202306200101&ct=77&x=1&cor=17204795879783190000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 876D 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq6YBIL4zj4zj_JFc-xT3XWFkwHlYWq-XTpSACjtjLBa-G8vuPS2ZmMsamJJ2zTni1nd0_DRIKcA5CwlGMwnif7TCeV5EwIH2AI3iEtnXhrY8nwIvuFree6_Al88iLqZBsE_fwcQGNO921C9LTAKsmchYDOFO6LpuEBaGQZts1eg7JDPs&cry=1&dbm_d=AKAmf-C5tRYOeLtkl09P8KVJq6Mpyf8xOKDFXHxq9pwKHJuIt3qamVLT2czJYMuy4K8phu6Td68KNnkZ6ZFA08RsM1qn4kHnNM8m-TFJ8pOPxn3Oj4ADKiYfSY8EhSwK2FD_f0jk0GIwh8QppbE84mySkSmY7_0ehA4R5kkf9dUaA9d69Dbh2vuKkU0sz0yJVYV2sTOd9G9bgMEeekrSxS8pUaIJukWOtLyH6S_5lbjVN7BWRZPBcELG0wDv6hQyP2zlAnJIBQT55nsnaC8VtaMkEAmXjsBQEWBjaiSc7U8bUJYZfstglamj4_5rJFnkQLz3VhUFZ6YnIcChcx-qef3SrxQ3PZ9YZKkPpF-W_bCsL8SrIsr6lS9EsFGvRLDOIUkaGS-G9DzGwJVwcf2zjhHfE6MDzxnv6-rZ__X_FR78ihyGLqg5zH2u0jnrfvhWO_9ClMrsaM75V1-1TzSrf9M-vm3puI9BJXXMZauW2PsSJP291MkSxJ9ngNOds18VCIwLx33r-6GkdDJ32mGp_1IKKWrXCl1OJNjgNVjzaI5hTQEvYik09yOyeS-PXuQHlldiVbFzZxJpfQHXCNd5SJSYr_nTJ9cCI2CUBP5IvObfoahsYsSMz-ECMkXj00x_Qho3rgFBZbeRymk0ilpS6HgQCmf7QIKi9aYqggkm1mISRJ0mf-YX9dhsYY2F7tLp_rOTQCC9LLUhxL5hx8YHafR0kZDSoOxjeWji4zBMNacpqeEoRY6DdaKNEzSB4BY0VDKQmqK_FE4xB98HC_-yuMeeg0lP12q3wEJH8yFqWyCRmno_j_tId8MPZnIjiLQbbrIVdQg2Sl48Kf9MUeXKe9MMtv1WfNGQ6N9W5Ml_URXb5y1vG2O6cr6coKLpPQtwnfCNtpJrLTjpjSmPegLsEaMZcMZwGEGrj-mr0YljjQ7u11CWGfTlkUR5_I26gwrqLTyJdCcMXCT1AVMknrD_CjQuTxS96KV3kOCJlTqGxHvUMx-LSCR17ueocH1N9g77jjLsGrL3k8iciUGJoQwholRIfH6W7KuHWZdzoR8Z7cbBTxRzGpOzO_2YonoCj7iu2o5Nd1kxP6jFp6_ABM7kwQIYZJfvsAXwl_6p7XHmC0Ry5Zi51iR1L741Ar2xUYazCw6gu0O6-0cCbiDFozeDD46lMbWMrFdEy_mloAmGaBT0QLmFtb8MnP8_cPyxKSdzAIbdxS9qrGQ_txnc8bn34odCo30GpeHFoVFgUWvnDDnXYkBqFPepivHCTTmkNiPA4okmecHNKeOAKxmLQiFILP4pz0In2Y3R4xXEE6Bndlm0BDjvic-JUw1PsxTquXtX1JRDryiEesjaOGfQY4ivZIWO9mOH6bRq_nKllevXazWyFyAbCAwaHRLTn-WEKdV6_oU6zoFMgtCIS1KCQiraEQGezAirey8vpLPEyW_OlrM1RqUsMHns-0XB5gGBHj9zD9CVEffl-xDw_7RUxMxk6B7WzleSv0AfgxC3QnFzsg_BQYrqSNtPLunzEG3dnXKZLfb_URVCxFre3iPrA9s4K_bxwDra7DXs9bz7q1KUoc1OwVPDFtLszdmcANx9TNl_w2-XhaJQ1TpA5rwSETN6xlAaqfawJhVdYmiH1PWPRxXbetqSJwvf-UvEH16jvsljXlT-JCelkb3z2B8Us-8ffKmT7KvlEHd-A2PofZ7f0KtgMQSETbcqtIdO2JlnmXTIeNE3wvVEDVhd6YhOyv76CBXPHJvX2AawZPD1tiAqDMZZeFgj5b47s5Oe5ljUbhkeWyEB8AUjSjdpE_gJBscaCrhs9gVBkGuvDrfvjGGz9d-fNBCJMWuY6Bw_tQupD97J1vVGZH1i7IsdnRtdbLnRM8aSSQxHESbr3ZnMl5wSb8xIkn8nFSCrlts8lupF_GMZDCUGsraRUgeIynySjfdcgGlf-m_aePnWK8v_KtLJNDoLTUWWE6ev1mZHaubatk-DuFKioVAiPOXOCl5Q83OlWIttxamX7Ov9NHeISs_ogL4PANz6UScAN2NkMcyByuUu8MtVokfBjIOqCm342Tf9ElBYQrJ6pXjwX3P8qPwpWwon6FX-vkRpwbhlWXSKWGcw9wMe80Qxt44AagGrCedNIfjm-B9ciKidhzbqJyKYpjSUWOIiCyhrwQ6g4Ic_zlx5XhtKi_t29Po6qkjkUVrlGgnIeKo9UCF1m-FBfbmaPaxbbsAsz7N3DNcLesyKWx6hrrTQ7aeAOyQlNK5yoLHRYb_JLSKADO4sYyDMZj6qWvdhHfy_mbrzkdyWsrk2nYTpT5o7K7ONr0lx1B2HcqZQeRXCtC4P7YrZRhQVYWlzR7iVVRIaDHrVJ4nC9_FTuzFRYpgBG8UnIOuNuTsHZwaBAgxBmck59ZxfpgHVkshUaOPDjhwwOD4iufU2_douDBoeaEZjBMtlVnucYISIEohEJ0EEie6kJI_4SnUCt_wr6gX-AEWcdKSe0uQK3Q3vk5MElftkJsX8RaWbEFrB-QDpTt0i9o5vc3W-5dvPX2jHZ20HKRchJvBa1Kq--bMejJ5xDD85tMgG7ZSZp61S1qYo-9dXoOS2LxsOi7DdRMXK33vf_gX1D7QdiMifM_mLHdxv9JhRUEM4_l9Tq3VJo7c7IcMgvrlUCbXhZFdK_oahN9ez1eLoWV2HE6NJfXM2UuPSPAVP9Apj79661quaZJbnvr0gL0BOy4Vug2QyiaY1uaSICrExsRLWSDM6-oxKw2wO55pd_yamviWXTVwp6gIQr63au2V8YmrkU-gcbA4eVzVGtzqg6VAy6fq9aphothAPGOqtRj8Uc7uR5YoKAM_3DgXp3OJtabsjONUUYWBFZ9o-pvch31Jc9amfH14dFpA9Ck3JzNxHVx1icE6NYtfcw0RGmPxS1wc3fdwVAIVvlJdcvSe3e-mxhTO7efzr6FHIlMCn9aHHNkipI9B_rR6b7ThOkp3LvxjNCz49nwPUWhPwlUlGdEuQ8ClRhibGf6c5LGszg8rT5LwHb2HDN8dvdiUgBUHxtmyQbxuX2haezwNj9MrZ_hGixqYLsu3PMHTxqtNsvOC8-8JDhp2xsAx5JfD4mhr8MLDoG26JFBQpbGZBVan3e-WRpG0LdAk3FNp2wW2lmRHTsq-ypx6C1N37bZKes-pJZAKa8y6RH0NT5N2-dCcOo4G8KihtrkGO2UZYyiZilddBMctnxoah1WqohwCebOQdp6GyATf8wtAiZYXlO-YAmlhw2swMLu9o1ZANKnr8ncI-GUe2jTtu2TYM-RoZaYWUe_xGptQFjb8lnhJ4l_xU5DhIZImUaSSe1uc1MPF9bJnniEVoneDxSNwm8SRRShUba1C3vQyfmf0s0_xLNL3BIERUEwBqxLTxpa-Uv4h0p01URESJwxtCKmOkClwiBbRXlioGk3DX7PiNuBREg9NEX9bbn-gg2BTDNIUhEVwNDYpM7l5Li_77wA739srIudZSC9EB8fDd9P3XlvzufiIplxgLFTgKjbz_TXYeev_bxjzyJd5yfn1GcZXESj4jqVhZHLFdsjVyDRRbVYnfxzJGK6jae5GBYJyW1RVJu5butjjAZBxtpu46EW5CZV1-WHAZYHP02cGuy4BFLrmKnpgCeBaeWrwAObkk_fcjwFgAPjRZzn9N_FSg3XRvMP7agm9TNhtXPqVOYbqp-A7qMfBXTwce1Xpe5Vy0GTH6ouSjaELAzHR6WyPKL9fVET32ZLHx8tuchPbjwlD40pgDR7nhECPNMLzN3al26gXJ3WxttSlIVe84rpZT-007O2_iIBPhyRSSaR05rHO2GIVBIaWizhSI9hheQQN9qix6BiKrxqZw6PHJzrVDQmoAg_kw1kK3HeoVOyJdZkl2zqjUf4q5iSTRqlXe-zm6nP_xKoThVvHmfTlQwp5Cjq1gqbpC8Hni7TImpek8juBG-3YxZbTGNyeUVA3RC9Z3MCCyLU-49cD_IbpawjGxtwJp7xSuM4iAyYQppP7ofr2_oLdlvD53XcLs5hFDHUEn3lZOuoSmG3Ob-z1IxCvo7zK5Opvj21kG-hY13A&cid=CAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=17204795879783190000&adk=1033480531&idt=157&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
638232833a2ba37206d367e5225e673f9a312b0c6cf085ad36b92e84cd0c6c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11942
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame ACEE 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=25080&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F25080%2F220505%2Fb0df4b81f52f48c386b6472c88230d0b_vev_luxury_second_hand.png&v=3&w=596&s=FnwlUkpuUUDj4ygGvLbpgFcG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a0b08799b5d5d5e438320bd65372a412814ab675b25c97795f6a31cf5f25060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
18151
expires
Sun, 16 Jun 2024 04:31:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1258560%2F756%2F1258560-756-image-1-632dd980e4995.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=Wdlmpa9u-iRVoZ84ZCwqci_v&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b1b9559033da1e7ca62d9b077dd22e5275e79fd31b5c71ef1875aaca531f1f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
15464
expires
Mon, 17 Jul 2023 15:49:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1579947%2F49%2F1579947-49-image-1-644d94f09f14f.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=TVJdRuZi4TWe5v1nHccKIluq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8e2e9333587592a6aa0bebd81b30cf806a165fce7955563fc4b3559a66185d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
7924
expires
Mon, 17 Jul 2023 19:17:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F101053%2F28%2F101053-28-image-1-62826882b4fc4.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=9j8N6KEem5XIqzQi8cCnmkl-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a63361d24140fa2a1ac7881a0a98a929e0b174a8e8b8e30a4f160a5d3a0b204d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
8168
expires
Mon, 17 Jul 2023 17:16:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1375338%2F756%2F1375338-756-image-1-63a0462876079.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=BwG4qynIwTk1G4_2YY-3qBZn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6c97f8d1b8f15ff99ac791d5fabca8fe16f34ad665347fcfa0899e8b7c813515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
21080
expires
Tue, 18 Jul 2023 07:12:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1342524%2F61%2F1342524-61-image-1-638496345ee70.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=O0idat72sCPQX32FfkhTduh1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce3d191458a5280f0c0464eef8cd073a26b56759eca6e5e7b2f9d3d11afa5cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
11354
expires
Tue, 18 Jul 2023 13:40:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame ACEE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F191557%2F49%2F191557-49-image-1-5f051c2ac0e49.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=2yx6t_fwY1tNbHftSyIlMdPL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f241d9a80fe306631e3df08e22f112a4f348dc7cd305248700162a53430b1d90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=86400
content-length
5654
expires
Tue, 18 Jul 2023 10:58:19 GMT
all
csm.eu.criteo.net/ Frame ACEE 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=xAi3rz4PmO_g3JnoR71uEqfhfdD4emSSYICnXjTAtmL1gDIirmI_jiHK72OPoFR-mxIWNKt3RsHO631p5-sPttIBS1p2TO60bLsqn-iKR_UupFKAekBs2CmDXzOdeXjiZf9ccCKohCh-bO0vBy69ytaZ2upR9DYNIuzXB-WDx5Dzkisly66NDWZq1BruoCjULkGk-agD9iYhxsv_PLEWOdOHHBCEfX1PgK-2Nv6OCYze-398TIsmFN03yZgpbLlY7JN_0A&sds=2&rev=87483&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 17 Jul 2023 15:43:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ACEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame ACEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 15BA 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVuV3d8Q634VldHu9xUP3g5mTJHcwurM2iA-m3xgHqHAHpQr2Bva7MFWmDSKEfgJhT6O2woION2gSbo8esGFC4BQ9Z9xKJK1_PqkjSrNWJARnZeBtYEIYvjtp7a10j8rda_ziY-EdDCBKX&sai=AMfl-YQoZNAWpPPDFdqKFnC8NnVqRNv8aM5EBLzB0HT1helZFGFpfgksJvK-gzgyJMz_9J77TiCSN1tiajrP_Jw81RlZrxEogOj_8Dce0kXpFTo6Ma0ReC8tY78vw92D-9i_SRd77u7OisLzCxULGw&sig=Cg0ArKJSzCXHx8GyLv8kEAE&cid=CAQSTABpAlJW99R3FlDrzn8CmdHOlHPI47MKzmXyo931nVxBosV1wTRlBjvA7XIXSUU0JJgElTQMdXnxuq_BeVpt253xSVVzeCnXbKFrUk8YAQ&id=lidar2&mcvt=1002&p=89,130,689,290&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689608631441&rpt=180&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 876D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq6YBIL4zj4zj_JFc-xT3XWFkwHlYWq-XTpSACjtjLBa-G8vuPS2ZmMsamJJ2zTni1nd0_DRIKcA5CwlGMwnif7TCeV5EwIH2AI3iEtnXhrY8nwIvuFree6_Al88iLqZBsE_fwcQGNO921C9LTAKsmchYDOFO6LpuEBaGQZts1eg7JDPs&cry=1&dbm_d=AKAmf-C5tRYOeLtkl09P8KVJq6Mpyf8xOKDFXHxq9pwKHJuIt3qamVLT2czJYMuy4K8phu6Td68KNnkZ6ZFA08RsM1qn4kHnNM8m-TFJ8pOPxn3Oj4ADKiYfSY8EhSwK2FD_f0jk0GIwh8QppbE84mySkSmY7_0ehA4R5kkf9dUaA9d69Dbh2vuKkU0sz0yJVYV2sTOd9G9bgMEeekrSxS8pUaIJukWOtLyH6S_5lbjVN7BWRZPBcELG0wDv6hQyP2zlAnJIBQT55nsnaC8VtaMkEAmXjsBQEWBjaiSc7U8bUJYZfstglamj4_5rJFnkQLz3VhUFZ6YnIcChcx-qef3SrxQ3PZ9YZKkPpF-W_bCsL8SrIsr6lS9EsFGvRLDOIUkaGS-G9DzGwJVwcf2zjhHfE6MDzxnv6-rZ__X_FR78ihyGLqg5zH2u0jnrfvhWO_9ClMrsaM75V1-1TzSrf9M-vm3puI9BJXXMZauW2PsSJP291MkSxJ9ngNOds18VCIwLx33r-6GkdDJ32mGp_1IKKWrXCl1OJNjgNVjzaI5hTQEvYik09yOyeS-PXuQHlldiVbFzZxJpfQHXCNd5SJSYr_nTJ9cCI2CUBP5IvObfoahsYsSMz-ECMkXj00x_Qho3rgFBZbeRymk0ilpS6HgQCmf7QIKi9aYqggkm1mISRJ0mf-YX9dhsYY2F7tLp_rOTQCC9LLUhxL5hx8YHafR0kZDSoOxjeWji4zBMNacpqeEoRY6DdaKNEzSB4BY0VDKQmqK_FE4xB98HC_-yuMeeg0lP12q3wEJH8yFqWyCRmno_j_tId8MPZnIjiLQbbrIVdQg2Sl48Kf9MUeXKe9MMtv1WfNGQ6N9W5Ml_URXb5y1vG2O6cr6coKLpPQtwnfCNtpJrLTjpjSmPegLsEaMZcMZwGEGrj-mr0YljjQ7u11CWGfTlkUR5_I26gwrqLTyJdCcMXCT1AVMknrD_CjQuTxS96KV3kOCJlTqGxHvUMx-LSCR17ueocH1N9g77jjLsGrL3k8iciUGJoQwholRIfH6W7KuHWZdzoR8Z7cbBTxRzGpOzO_2YonoCj7iu2o5Nd1kxP6jFp6_ABM7kwQIYZJfvsAXwl_6p7XHmC0Ry5Zi51iR1L741Ar2xUYazCw6gu0O6-0cCbiDFozeDD46lMbWMrFdEy_mloAmGaBT0QLmFtb8MnP8_cPyxKSdzAIbdxS9qrGQ_txnc8bn34odCo30GpeHFoVFgUWvnDDnXYkBqFPepivHCTTmkNiPA4okmecHNKeOAKxmLQiFILP4pz0In2Y3R4xXEE6Bndlm0BDjvic-JUw1PsxTquXtX1JRDryiEesjaOGfQY4ivZIWO9mOH6bRq_nKllevXazWyFyAbCAwaHRLTn-WEKdV6_oU6zoFMgtCIS1KCQiraEQGezAirey8vpLPEyW_OlrM1RqUsMHns-0XB5gGBHj9zD9CVEffl-xDw_7RUxMxk6B7WzleSv0AfgxC3QnFzsg_BQYrqSNtPLunzEG3dnXKZLfb_URVCxFre3iPrA9s4K_bxwDra7DXs9bz7q1KUoc1OwVPDFtLszdmcANx9TNl_w2-XhaJQ1TpA5rwSETN6xlAaqfawJhVdYmiH1PWPRxXbetqSJwvf-UvEH16jvsljXlT-JCelkb3z2B8Us-8ffKmT7KvlEHd-A2PofZ7f0KtgMQSETbcqtIdO2JlnmXTIeNE3wvVEDVhd6YhOyv76CBXPHJvX2AawZPD1tiAqDMZZeFgj5b47s5Oe5ljUbhkeWyEB8AUjSjdpE_gJBscaCrhs9gVBkGuvDrfvjGGz9d-fNBCJMWuY6Bw_tQupD97J1vVGZH1i7IsdnRtdbLnRM8aSSQxHESbr3ZnMl5wSb8xIkn8nFSCrlts8lupF_GMZDCUGsraRUgeIynySjfdcgGlf-m_aePnWK8v_KtLJNDoLTUWWE6ev1mZHaubatk-DuFKioVAiPOXOCl5Q83OlWIttxamX7Ov9NHeISs_ogL4PANz6UScAN2NkMcyByuUu8MtVokfBjIOqCm342Tf9ElBYQrJ6pXjwX3P8qPwpWwon6FX-vkRpwbhlWXSKWGcw9wMe80Qxt44AagGrCedNIfjm-B9ciKidhzbqJyKYpjSUWOIiCyhrwQ6g4Ic_zlx5XhtKi_t29Po6qkjkUVrlGgnIeKo9UCF1m-FBfbmaPaxbbsAsz7N3DNcLesyKWx6hrrTQ7aeAOyQlNK5yoLHRYb_JLSKADO4sYyDMZj6qWvdhHfy_mbrzkdyWsrk2nYTpT5o7K7ONr0lx1B2HcqZQeRXCtC4P7YrZRhQVYWlzR7iVVRIaDHrVJ4nC9_FTuzFRYpgBG8UnIOuNuTsHZwaBAgxBmck59ZxfpgHVkshUaOPDjhwwOD4iufU2_douDBoeaEZjBMtlVnucYISIEohEJ0EEie6kJI_4SnUCt_wr6gX-AEWcdKSe0uQK3Q3vk5MElftkJsX8RaWbEFrB-QDpTt0i9o5vc3W-5dvPX2jHZ20HKRchJvBa1Kq--bMejJ5xDD85tMgG7ZSZp61S1qYo-9dXoOS2LxsOi7DdRMXK33vf_gX1D7QdiMifM_mLHdxv9JhRUEM4_l9Tq3VJo7c7IcMgvrlUCbXhZFdK_oahN9ez1eLoWV2HE6NJfXM2UuPSPAVP9Apj79661quaZJbnvr0gL0BOy4Vug2QyiaY1uaSICrExsRLWSDM6-oxKw2wO55pd_yamviWXTVwp6gIQr63au2V8YmrkU-gcbA4eVzVGtzqg6VAy6fq9aphothAPGOqtRj8Uc7uR5YoKAM_3DgXp3OJtabsjONUUYWBFZ9o-pvch31Jc9amfH14dFpA9Ck3JzNxHVx1icE6NYtfcw0RGmPxS1wc3fdwVAIVvlJdcvSe3e-mxhTO7efzr6FHIlMCn9aHHNkipI9B_rR6b7ThOkp3LvxjNCz49nwPUWhPwlUlGdEuQ8ClRhibGf6c5LGszg8rT5LwHb2HDN8dvdiUgBUHxtmyQbxuX2haezwNj9MrZ_hGixqYLsu3PMHTxqtNsvOC8-8JDhp2xsAx5JfD4mhr8MLDoG26JFBQpbGZBVan3e-WRpG0LdAk3FNp2wW2lmRHTsq-ypx6C1N37bZKes-pJZAKa8y6RH0NT5N2-dCcOo4G8KihtrkGO2UZYyiZilddBMctnxoah1WqohwCebOQdp6GyATf8wtAiZYXlO-YAmlhw2swMLu9o1ZANKnr8ncI-GUe2jTtu2TYM-RoZaYWUe_xGptQFjb8lnhJ4l_xU5DhIZImUaSSe1uc1MPF9bJnniEVoneDxSNwm8SRRShUba1C3vQyfmf0s0_xLNL3BIERUEwBqxLTxpa-Uv4h0p01URESJwxtCKmOkClwiBbRXlioGk3DX7PiNuBREg9NEX9bbn-gg2BTDNIUhEVwNDYpM7l5Li_77wA739srIudZSC9EB8fDd9P3XlvzufiIplxgLFTgKjbz_TXYeev_bxjzyJd5yfn1GcZXESj4jqVhZHLFdsjVyDRRbVYnfxzJGK6jae5GBYJyW1RVJu5butjjAZBxtpu46EW5CZV1-WHAZYHP02cGuy4BFLrmKnpgCeBaeWrwAObkk_fcjwFgAPjRZzn9N_FSg3XRvMP7agm9TNhtXPqVOYbqp-A7qMfBXTwce1Xpe5Vy0GTH6ouSjaELAzHR6WyPKL9fVET32ZLHx8tuchPbjwlD40pgDR7nhECPNMLzN3al26gXJ3WxttSlIVe84rpZT-007O2_iIBPhyRSSaR05rHO2GIVBIaWizhSI9hheQQN9qix6BiKrxqZw6PHJzrVDQmoAg_kw1kK3HeoVOyJdZkl2zqjUf4q5iSTRqlXe-zm6nP_xKoThVvHmfTlQwp5Cjq1gqbpC8Hni7TImpek8juBG-3YxZbTGNyeUVA3RC9Z3MCCyLU-49cD_IbpawjGxtwJp7xSuM4iAyYQppP7ofr2_oLdlvD53XcLs5hFDHUEn3lZOuoSmG3Ob-z1IxCvo7zK5Opvj21kG-hY13A&cid=CAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.ukr.net%2F&ds=l&xdt=1&iif=1&cor=17204795879783190000&adk=1033480531&idt=157&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
525077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 13:52:35 GMT
jf2y0amzcvu0
hal9000.redintelligence.net/zone/ Frame 876D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1689608631307078&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3d4b65d6bfa903301b18b3f1c3733c663b19ef36e2ab8c79b8a196887bd6ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4151
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
dmsans-700.css
static.criteo.net/design/googlefont/dmsans/ Frame ACEE 		696 B
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/dmsans/dmsans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
394b80962afda22f7e6f387454e642a5a39cd1a22203a34c1c2ce2c9a405528e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 13:58:27 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ed83-2b8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
dmsans-400.css
static.criteo.net/design/googlefont/dmsans/ Frame ACEE 		696 B
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c99c2c7448d0fe3fd96224986fe8c1d1f3fcd7388aa49c57337e52fc8e9a7bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 13:58:26 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ed82-2b8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AD73 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
344206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 16:07:06 GMT
expires
Fri, 12 Jul 2024 16:07:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CB7F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue1NjmsQKfCfp1Yr8Q5tMi4am5SF4XuHxxxVTCpkeVB3otk5G3OEPNIJu_RVzPX-Yqg2qK7P3rDQsjFbSek9ymFnWlUczcqQPgTK8LVoZ0OE7ZRLqb_OzamERgOzvwhwnmQ5czP2vCy5A_D-jAZ1Y1aHg23T-OZvbAajVMMU5S_23vgSvQmzdeZ3H3gqHJGpOKlgU8rUzErATffyjAARWGU1Ia9dI4Bakv-6pQdPvLiLXN_QZgC_Ogo8nqRs6DN91ieg1ai6JmRVLtQbNpdjBQCM_El7Zcth-7Icog7Yp9fxEjkeOB9tlecq7Kz9ckGwXTfbvCtlYjpsk5yNxIF9KTI-ZfuzQ025VvGDvBugRVkCnnOrIT0GJdTrANfQLj8ctI1iDcR3bCFXFIb3pWgckU_4lOEnQZevTmYkKFaCqjOc2E0T6yPkG0JZcwJANZSWuViUfojxWTK_bNXmj8IlnMZfPdR5DbJeH-i5Eli5AQXQxL1aR_1_MB-yXsTUtIS9yMt8E9vlLGoc0Z4ZisL8CN7Jg3ZDChuQStJ2XIEl2Hgwm-SnRi_63mwCkkBiftMNSH5H-GKUG72iH6kwQd5mFEDTYSCAIHslu06zJY8cAQIdsU7deXW03RfxbFgfqgYr4LR_Fk-m9HmS4saT2paUK9tcNyafRhkYGsbCsLIZBxVvq6IQQhVI02yG7Jdeum0rQwUqPn0q12JjktL6Beke6BOG_hGeNUxzLgvgG9UapWr_sgRFnc6WfjLFejbss6jzWyIVZpLbkLPzkUNc6ZRjx-VEcLHjXfFH_vnqfu-XCAqe7MR5qHG-jMcJmxntozGDU15yRynxNW8mNYwH43S1yyC2gKS5ZU8PXfsA357k8F3y78zT6z8HMr_UMfFnd6XAOTNPi1vz2cIGHvzPHb29BQlwhhUbOLJtpfPNxZoZyvg3k24Mx9MliMQc7NUFt__LIeWXmtqcHwpPONAiCeemp8JlF3yuVD6gJZCSCDHYjvEKqh35_4F5SBAkb4Steun6b6uC77PVcYeixwTCp9aKs-fAIWlD47_lJsPuOwQtji6hF93BMwOqXxOdV8RWrzzyDLyaklkdqN0cRntxOfO7-8OkJq7euWocnjGusielV2Eh2RD6UvnMYpdnqe8WULDjY&sai=AMfl-YQBg0TnE9z-J_Epac7VLT9eRCi2nmPJqpuGpRcIeFblmBIZanSn6WOhmcSoswDig9YVnL_RbFp0u_Wo8AlF9aXriB0R8xFicTu6TkHWySfGtWL_k1RotG2EJnORqA-LbL4N0oY8Ep9coPF9FMe2J9ZY6U4rw8Xg0RQ&sig=Cg0ArKJSzL5Uaof0vjqLEAE&cid=CAQSTABpAlJW99R3FlDrzn8CmdHOlHPI47MKzmXyo931nVxBosV1wTRlBjvA7XIXSUU0JJgElTQMdXnxuq_BeVpt253xSVVzeCnXbKFrUk8YAQ&id=lidar2&mcvt=1000&p=446,995,591,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689608631451&rpt=225&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmsans-400-latin.woff2
static.criteo.net/design/googlefont/dmsans/ Frame ACEE 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/dmsans/dmsans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
352a7c32317f4ec49ee7a48025552d5846b1aea3493dd398ed90888d8efda396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/dmsans/dmsans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 13:58:26 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ed82-46b0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
dmsans-700-latin.woff2
static.criteo.net/design/googlefont/dmsans/ Frame ACEE 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/dmsans/dmsans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/dmsans/dmsans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff5aa201c864f75bd31f77a1b07043d2ca550340fea1a0cb05339ff017747085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/dmsans/dmsans-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 13:58:27 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ed83-4724"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
static.criteo.net/design/dt/ Frame ACEE 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLVhtwAEro0K4ExMAAzwFapM41t7MMTY4fyMqg&u=%7CAYQquKYgwh9fMXc%2F%2BFazzjiHkhNLh%2FEtFbQBh96hVi0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWXiD9Ov96PhixBdUIzl0chjNMt3IOSxE9fbaBrjvy9Tv-ak40Nn-DfyHdyDtVKKnHvYMWIFSEnfMJ5BkNLy1lR33pMWhS-goeJ3iH_FyDXGZ5M9dRWs77NA6hduWo1RS6EMwZx7mSfg6B6lmj9eYV0Q70_BxCmXjq4E3OtehQW_I7R9RwBG8-L9RqwgQcB7tGVpG1NzU5fqs1m7x1gTldXQRw_S8GH0lgsWbMt6_fa50bo8YOtlYikK89B_VJGTR-QaEPGUHEsicLMoOtZd8ao6Khd1CpLuOukNCQVg6ireuLxQdYob-0YEos7o-HOuaosU1nGlyl0ywM3b7kxtGw971qkM8UR3Hs2O_ibtZskS0Twj9v6YZM6euKZIJ21OANG6oULxkJ3oxokvIk0Tc4iJ1ToCGLO79vw-Hn1ELD-wl8WICebX7lORcvnDLPxBqa-LxCFVMthVptaozgw-USvYHnamMmLzHefJ8yR5ey0h05vNXOQerGGZ6WQPlEt26iflwL__xiO51PucXvzH2GqmjKGvp2Z2sNlb4OHty0_ttJynprZfYsYs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHu7wt2G1ZI3dEsyYgQeV4LOYAcme0rFcpfyT93DAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNzAwNTgxMzQxMTg3OTAwNsgBCakCTFotrujXsj7gAgCoAwHIAwKqBJECT9A031A9P3yYekL8fRqis21R3sTkhaD8jKzc2UYvDoDtwuqGFNYQkHHFkOfKVRJnR1k-0uHHG4mKRcKC4hTofvCHF5gxy2TK2PTB23oK8GP0ftVyxanYDH48bchjpeM8JJVfabgvqclDDY9g4CT9ErXlsJk-FZV2KB-DV3YiHJjdUCkguFLgY96HJwME8Kw0Uf6Ubz1RsXqLJLIB1GNLcvQApyQo4zvrTVnKgUrCTgNKhtRE19TxiwzIZ9Ou9Egrwi1neYny3E0gyd6NVbz-5Q7GI0x8WcIHT80BLo0Cn7RsYIaZQQAlW6_Xh0aS_4zXhYNUjkCZrNXdGPY0XhryhLwD7-HjmZFThY2B552IKfWd4AQBgAb4y-7Vz6yG2IsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ARClXq5ZXlav0OkZN49fVc5DnbQ%26client%3Dca-pub-7005813411879006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Apr 2021 08:02:01 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6073fe79-a654"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Jul 2024 15:43:52 GMT
9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
pagead2.googlesyndication.com/bg/ Frame AD73 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
77084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Jul 2024 18:19:08 GMT
request.php
hal900016.redintelligence.net/ Frame 876D
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f47ddcaefe756c183324610964fc0d40d34977d06a2affeec3a7e6fbd4236e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Jul 2023 15:43:52 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
86199100113987104444978012388016
Connection
close
Content-Length
1375
Expires
Mon, 17 Jul 2023 16:43:52 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 17 Jul 2023 15:43:52 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 17 Jul 2023 16:43:52 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD73 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmTN7uGG1ZLa0I7jG7_UP39CJ4AMAAAAAOAHgBAI&bg=!4-Cl4LTNAAb90kgr3dI7ADkAdvg8WsWappfc-E0P7FA9n9PQvVxxyaMnvRyUvQGro1Fl75cA2xH6sQSgL04jT7iJkPka3lFAxe8CAAAAcFIAAAAHaAEHmQLm-xhnQVHScFO4XnK-fsGcPCpKxhHrzHBVyJbkBYENyiq-zlmXLydgizzsfhLoEdTDD_PSQUtjDodysqiO84UUGRIck6JvDRAsdiaPcddTZco_owqhi-9IG21mChKPUidxOrnaq7wsLoDpGyB5WKHmJvfRCVVQMb_K9AjpEtpVmfIzF7ejm7508P915Tw7_7nx4F5TMZ4bxdMcPT0a-2r5h8z4gxMbXI1SVAW592Qw-Xe34RXVZwxRSe02b5MS1r1972o2XBjYJ41b7mzH8LhOI-6cJPRFTpu25WnA3iGJpgODKQds-9O4lKWW28Yq6w0hv4PWp29ktlUvMwLJlhc0Ho3Qg_JpeiahAv68SguqtdXvYdqm2Yy6445nI3jdjpkHwWiMNJ_8rFka27y3IKlt4_IAuwwB6_pOCgwRvWdD8UIh5iBGDP3vdAxD6oK09qOGbatcX2BD7kpCK4uqVugSlSSCcJWDPkoR6D3wnE3OmzC0_mhoUXWDUJ3Baz67GKWU09C3rh462LuzDpGBkF5ZiMVuNLTf_c-JBgMJIsihlGY0Z29qCk5wOXVcIOL_YWJiQnD3ttBKAVj8RL3uVU3eeb9IqVsr1ocyJy_L6UXZuyBiTiKcd1tEmkVXeERGJSwFxYT3zSGQHyNsrwflBBYTCaS38Yj8nSj75gPce5jjZ5ssH8K4nlgJB-a7qcF51Xdm1Gm3aSloFzlzupjiS9GVI0i8jb-d-bYPswrl3zBMDnOx-_VkvwPmNO-7xm7qA5jYuE11qYc_Rt5YtepZ_IwAIl0DuzJ2A_BExJTWsefj8pXxmMQkSxIouRY08UtcHV5qV8doaAqIfHT5X3pQWDLXOaTgqlTyI4Ej2OpuiMlERuwxnvpFWyxec4EViIEWvgKn93Gjw1cRbQ3YTfhx33l-lzjSE9pEquoqPuyGuop6vj18lYJkaCDsMVa3eYPBmIgjwzn8zR8KId-yP7G85bc9SWm8-SMYUg
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adv.office-partner.de/ Frame 5E90 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 17 Jul 2023 15:43:52 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 24 Jul 2023 15:43:52 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 4629 		0
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Mon, 17 Jul 2023 15:43:53 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
Vary
Origin
X-IPLB-Instance
40028
X-IPLB-Request-ID
253A3AF7:AC9A_91EFC182:01BB_64B561B8_D982F92:1ECFE
link.html
track.webgains.com/ Frame 876D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=86199100113987104444978012388016&nw=1
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.28.186 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-28-186.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ca4ed2c11d5f786be8fba6ecc1820626b3b959d4d1ded26a8560661e8fe8d7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:53 GMT
last-modified
Mon, 17 Jul 2023 15:43:52 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 17 Jul 2023 15:44:52 GMT
activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593
5994599.fls.doubleclick.net/ Frame 349D
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593?
391 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593?
Requested by
Host: www.ukr.net
URL: https://www.ukr.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
cafe /
Resource Hash
0da9a8ef5cff98cfc710d35881f0ffb60fe955f07e23db613d96ede4514015ad
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:53 GMT
expires
Mon, 17 Jul 2023 15:43:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:43:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900016.redintelligence.net/ Frame 065A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=157f3ee99b&subid=&uid=dfb10a447a3638c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCFHIot2G1ZIbfEsyYgQeV4LOYAablvaBpvZicp8kP8C4QASDnn8OZAWCVgoCAtAfIAQmpAkxaLa7o17I-qAMByAObBKoEiAJP0F2vLhKDM5XBMeFDA4ut74Y_QuC50jb0KATewDAvaRCcW-JPfNiP6fgtHkvInzEJocBedeIRMcLYrR-Emnzi88FPwR6cMIO9w6Cg1K_IrIUdFrwfBymsFJcIhrhBFvblVvfQLfrDW_DR2nrpGqz9YIL2OUHhZmKv1p7j0wQ2lT688-oGpJp4Im8yvuEs1TJLHFVDrHe_beLfmL0GA-JVOt2bGWO9qJzy2NP46f4CmOWgUh7S6VJxym6xqkwGUF5O0av7Grm7EHx5jL8h0QNBKpoHHDOmYH2nskHhIR7I7LyIFy7ucJM6z_ofR_MH_TnJk7SAChLwY3JbdZU9lUcu8cUUUMVx_kzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ%26sig%3DAOD64_2Ta70YaH93grqQEzLbzyJkJuk9Dg%26client%3Dca-pub-2923577365468476%26dbm_c%3DAKAmf-AFSCnimQ2zONy53_oyoVEAbJ3YgzM9EH1pedvr7DFz-yZQcNb1dXyneZAfsbldZzAxGWKNtbf5U2pHR9uuTdZ99HvgWZ_zyqEW4xqe4vSDezjKd5fYER8XvaPhfNlw2vulfZd9QBL4CI-knjk0X1997IIPHAFxAr9Tz3dax6oL6i9sXvc%26cry%3D1%26dbm_d%3DAKAmf-BaPA9j-dQ0Fn-GsqCXm03lIu9A3kgavTT9qGCK17MtzCc5go2fCekA3ZHvpN1S89Q4tJEUr6UnbxOE9b84kMEpkGInIiIWVeR7127ozgYV25klOXs7v6Xwodm3-u8OpG522d0bCis93-xHXjlsMB8xMCxeN1r2eZ7xpbnwJaQBsRsf1ARvWUk0HsaDAlnkDU0zHnnUl8H012PvLZOfn8lbLjDUBBqdUT1D2aygwfKpOecCQx50zM0gqYr4zpO3vof7dSTT_C7QUynrKbLHdnv5r7sdYxBG6E0FUcpuFiK_yjdCwHl-rpRjxLBfZ5v8plOUHbNSj83GTnyvm2vtKUDfc3-S9a2pp037qIwEGDl2vq3JY8_7cDDVUBgkPd604FMtbik4NbLLubcpozanTt8mlZQeNqZx_TDh3vGK1_-iJTIY1Qs2CbNmV86pvFg2vfaozSAcNp-20XPpgl60KzPjPf0G3QdoZMWvqrI4cY0k5moChEgQKjXn1vd3WW7jATnUgF4IFYK_u_XoScTDA_mRABQBS1Xn7u23YeHI0kL51ll1P3g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.ukr.net%2F&ancestorOrigins=https%3A%2F%2Fwww.ukr.net&random=6795121698559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
069af66dec557d10a5d1cd561ec606d5126369ba1898e6646522df626a0ec11c

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2040
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Jul 2023 15:43:52 GMT
Expires
Mon, 17 Jul 2023 16:43:52 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 876D
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:53 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
253A3AF7:ACA8_91EFC182:01BB_64B561B9_D96B86C:1ECFD
X-IPLB-Instance
40028
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86199100113987104444978012388016&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Mon, 17 Jul 2023 15:43:52 GMT
server
nginx
content-length
154
content-type
text/html
inv.gif
img.tradedoubler.com/images/ Frame 876D
Redirect Chain
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(86199100113987104444978012388016)084371937
  • https://img.tradedoubler.com/images/inv.gif
43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
13.224.189.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-55.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 13 Jul 2023 05:19:45 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA2-C1
Age
383049
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/gif
Accept-Ranges
bytes
X-Amz-Cf-Id
8it-QOMCdTUdhWJ3DvuOKaN3tmUsUnZ8aOzLvcqCLV29TklECyZULA==

Redirect headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:52 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location
https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
truncated
/ Frame 876D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05d39b1c72b5c62baa8f7aa8259977190c0eb13a4f360ba8df3ec3c1274d1e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 065A 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jul 2023 15:43:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 15:40:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jul 2023 15:43:52 GMT
/
hal9000.redintelligence.net/scale/ Frame 065A 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a882852fb2e495b986d2a8882df49f71101511735a858ec8a98cf59d58ef343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 065A 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f252e15ca38d024ed6516365a229ef07e23129f5bcc10a66504f40e302835ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 065A 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a831f0f3eddddc709196f47ad5ea76a241bc805caf0a97c00464321823d77962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
viewability
hal900016.redintelligence.net/ Frame 065A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=86199100113987104444978012388016&a=914b8fd9&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=86199100113987104444978012388016&a=9f96ef8e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 17 Jul 2023 15:43:53 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 065A 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:52:01 GMT
x-content-type-options
nosniff
age
593511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 18:52:01 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 065A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:52:01 GMT
x-content-type-options
nosniff
age
593511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 18:52:01 GMT
gtm.js
www.googletagmanager.com/ Frame 5E90 		116 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1432534ec0a3ad7a7d699489ba311b78ad54a4822236944cc26b26dc5632bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45381
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jul 2023 15:43:53 GMT
js
www.googletagmanager.com/gtag/ Frame 5E90 		259 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49e577fac97ac13aa10c8cb9c1c0b5a655b56fb3b832a1eb81117d4a40394056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:43:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88982
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Jul 2023 15:43:53 GMT
pvClk.min.js
analytics.webgains.io/ Frame 876D 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=86199100113987104444978012388016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-39.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 11:11:27 GMT
content-encoding
gzip
via
1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
16347
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
YaEQI7fr9JBMvxPjZoRiZSyZwQZA9WHJQrOXEq2cLekWzCNbTy-1XA==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 876D 		85 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1689608933&Signature=FzyvCqhWhwODB4G7JJkVUdByKox5uvNJtQlT7oiOhgYzj9WTgbNFDS3XTnT01wKWJpThAAqgw1CF~Faatgy7QSuP00dUQNdQ4UhEXt9a3Dtv2~19aCzCgT8NUYROpewyI7eb2W8f~kJsbIPKQdCQos2ZPfAj9n--5izdgRyBsbMmHYzaooFr3SHEwnO~D8ti2Kv3bh-bvH279bsi~ChyeflE~TgsEMoKzYqmy9cI~x27Ai7sEbdyHdQxP0BJsGExB~ImXjPBqutG-YuWQoY~v~NibmTfNjbqr-gLy6jJytvbyVNo4Wxoxznr47KSPrSCpUs7CtDAM4jcuCKUTmwB~w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Jul 2023 05:45:38 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
39101
etag
"70af33d70b6810475aae19743c8c435b"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
fUzvOst7ySjXqROIvi8KT9PlGw5IRXxNHwbnkvwQvc8F49amL_x-0Q==
dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593
adservice.google.com/ddm/fls/z/ Frame 349D 		42 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPLBg9OKloADFUbNsgodZC0IWg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2942134217401.593?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EB21 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHlSLaY12h6R6_PEnEeRLhzxQwivz8jFlnT9WDJXdsxPcbkOAh1um85a0PwWhhxz4QDdAveN083-zCS1g-KGA8tWM5PHAgddwGsrHFaO5JmfgE8ChFPh_tiEpYQUwQJMdNvfG5Y4IV82oo&sai=AMfl-YTYtncf8p-Uth0D2XnOjhsbXmTzcY4HL-ZZlA4tWoov-TyKhxCgXStIsqurDt3igIbYScgPkWHww59GzfRIS4qow5Wlg56bCGR9rPNAUewmvrEZ_cjy2bmOh2i7fZpUT4JN-tvgnUwDX9SCQA&sig=Cg0ArKJSzIkdIgX-u3WYEAE&cid=CAQSTABpAlJWKZUHEUWxgBYvuCkBhTUFQFfBo1B_IJCZt0VGevzOjqB9RlBTM8Jwkoz9RsscsIxytsG86JY9ZstOOgsFiBL4SWgz2cjcZxgYAQ&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1010&mtos=0,0,1010,1010,1010&tos=0,0,1010,0,0&tfs=226&tls=1236&g=100&h=100&tt=1237&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 17 Jul 2023 15:43:53 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 876D 		16 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Jul 2023 15:43:54 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 876D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4506099193110&version=m202306200101&ct=77&x=1&cor=17204795879783190000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jul 2023 15:43:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer undefined| src undefined| dst boolean| is_desktop function| GetCookie function| SetCookie function| DeleteCookie function| getCookieVal function| LocalCache function| ajaxCash function| $ function| jQuery function| _ object| ifvisible function| MailWidget object| Core string| LANG_PREFIX object| Bookmarks string| zakl_domain string| zakl_domain_back boolean| zakl_css boolean| brandsActiv string| fschema string| magicHash object| LoginErrors string| fr_text_nonew string| fr_text_new1 string| fr_text_new2 object| globalCommercialData undefined| adUkrNet number| adEcbrStart number| adEcbrDone undefined| rootLeft undefined| rootRight undefined| rootFuel object| ant string| basesearchurl function| isElementInView function| checkElementViewability function| fixSidebar function| setReload_branding function| ellipsizeTextBox object| portalCache object| App object| Lazyload object| Synchronization function| checkAttr object| Services object| Currency object| Fuel function| onCaptcaConfirm function| SHA1 function| transliterate function| ToPlural object| User object| News object| Holydays object| Clicks number| bc_a string| bc_g function| parse_20 object| arrForScrollRefresh function| setReload_300x250 function| onGeoData object| DateFormat object| Columns function| getBase64 function| aGo function| ecbrStart function| collectCommercialData function| go_search object| Fifa function| detectIE object| googletag object| vmpbjs object| vpb object| __advShowDeferred boolean| alreadyExistBrand boolean| alreadyExistTop boolean| alreadyExistOther object| topSlot undefined| topSlot2 object| topSlot3 object| topSlot4 object| topSlot5 object| brandSlot function| initGoogletag function| gosmart boolean| alreadyExistBanner function| showBanner object| widget function| __reCaptchaLoad undefined| bgURL1280 undefined| bgURL1366 undefined| bgURL1600 undefined| back_color_1280 undefined| back_color_1366 undefined| back_color_1600 boolean| brand_exist string| brand_href number| crash function| brandsActivion function| brandsParameters function| setbrandsActivion string| a object| d object| n string| fr number| tz object| s number| wd number| size function| go boolean| alreadyExistBanner1 function| showBanner1 function| timeDiff function| zakl_addClass function| zakl_removeClass function| zakl_toggleClass function| zakl_ifClass function| zakl_setDisplay function| zakl_setDisplayById function| zakl_clearSelects function| zakl_restoreSelects function| zakl_setMask function| zakl_removeMask function| zakl_GetCookie function| zakl_SetCookie function| updateCookiesTime function| zakl_DeleteCookie function| zakl_getPageSize function| zakl_$ function| zakl_isEmpty function| zakl_displayMyBookmarks function| zakl_HideBookMarks function| slidePanel function| zakl_DontHideBook function| zakl_treeControl function| zakl_checkBook function| setSubFolderData function| zakl_OpenEditFolder function| zakl_OpenFolder function| zakl_ShowFolders function| zakl_HideFolders function| zakl_DontHideFolders function| zakl_HideFoldersNow function| zakl_showContextMenu function| zakl_HideContextMenu function| zakl_displayFolderMenu function| zakl_displayItemMenu function| zakl_getMousePos function| zakl_windowAddFolder function| zakl_windowAddFolderToImport function| zakl_closeWindowAddFolder function| zakl_windowWizzard function| zakl_closeWizzard function| zakl_wizzardLogin function| zakl_GetItemById function| zakl_WindowEditBookmark function| zakl_WindowEditFolder function| zakl_closeWindowEditFolder function| zakl_closeWindowEditBook function| createImportIframe function| checkItemsForExport function| zakl_setShadow function| zakl_removeShadow function| zakl_windowModalSubMenu function| zakl_windowModal function| zakl_windowSubModal function| zakl_CloseModal function| closeAddBook function| zakl_SelectFolder function| zakl_AddFolder function| zakl_AddFolderFromImport function| zakl_EditFolder function| zakl_AddBookmark function| zakl_EditBookmark function| StdRefreshTree function| StdRefreshTreeAddBook function| StdRefreshTreeAfterAddFolder function| StdRefreshTreeAfterAddFolderFromImport function| zakl_ReportStatus function| zakl_CloseStatus function| zakl_MakeAGetString function| zakl_AddToQuery function| zakl_UpdateFoldersQ function| zakl_UpdateBooksQ function| zakl_UpdateChilds function| zakl_UpdateSelectedItems function| BackAfterDelete function| getParentIdByElementId function| zakl_isUrl function| ReturnTreeBody function| ImportResults function| zakl_saveDataAddBook function| zakl_window_top function| zakl_escapeAjaxParam function| zakl_display function| zakl_loadingStart function| zakl_loadingStop function| zakl_getTitleForURL function| zakl_RefreshTitle function| zakl_clearTitleValue function| zakl_movemouse function| zakl_resetHash function| zakl_selectmouse function| zakl_attachZakl function| loginFocus function| moreRefreshTree undefined| zakl_cmodal undefined| zakl_csubmodal boolean| zakl_returnAddBook boolean| zakl_logged number| zakl_globalTreeId number| zakl_globalTreeSelectedId boolean| zakl_TEST_LOGIN boolean| zakl_DEBUG_ENABLED boolean| zakl_selectPreviousDir number| zakl_pageMinWidth string| zakl_domain_ajax string| zakl_importDoc number| zakl_loadDelay number| zakl_loadDelayAttached boolean| isIE6 string| zakl_homeDir boolean| goto_step object| zakl_BrowserDetect object| zakl_browser undefined| zint undefined| booktime boolean| zakl_importFolder undefined| zakl_response boolean| zakl_autoopen number| zakl_parentEl object| zakl_treeItems object| zakl_tree undefined| hfolders boolean| isImportWizzard undefined| zakl_currentEditItemData string| gsubmodal boolean| isOrganizeWindow number| cfolder undefined| zakl_hmirror string| selectedf string| selectedb string| zakl_addBookHttp string| zakl_addBookSiteName string| zakl_addBookHttpWizzard string| zakl_addBookSiteNameWizzard boolean| zakl_displayModal boolean| nn6 boolean| zakl_isdrag undefined| zakl_x undefined| zakl_y undefined| zakl_tx undefined| zakl_ty undefined| zakl_dobj boolean| zakl_attached string| zakl_html string| zakl_html_main string| zakl_backURL object| __cfBeacon object| google_tag_manager object| google_tag_data object| regionsList object| vmpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 object| GoogleGcLKhOms object| google_image_requests

42 Cookies

Domain/Path Name / Value
.ukr.net/ Name: __cf_bm
Value: M0VXUq9C6QoRFFPgYn_AraKmWa27u7xxaZ1RG2EoIF0-1689608630-0-AbIsU2w4/EIkxAxPhyETDYFX0ViCaTBgoP7kVnh617NW9XKGRJyMMDsuwt9nxYlizQAHdFJdqd+oplB9cHl8AyA=
.ukr.net/ Name: news_lang
Value: ua
.ukr.net/ Name: un_news_region
Value: 9
.ukr.net/ Name: snr
Value: 9
.ukr.net/ Name: scr
Value: 9
.ukr.net/ Name: sfr
Value: 9
.ukr.net/ Name: uid
Value: Cj1tBGS1YbYeutfJA+mAAg==
.fwdcdn.com/ Name: __cf_bm
Value: PZj70LtPyTBDI6mNFLAuMbox09NoFzF3kvEyUxVnMuo-1689608630-0-AUAeuRrndmD0niEBAuSBNd6LHL5l3jGVYGZgevzNdrYyCNIbDME3Eh59F3O0hN26dVEgiRIrRd214+fZplPoero=
www.ukr.net/ Name: cbtYmKname
Value: 42ad7db4a832fd22
.ukr.net/ Name: tracknew
Value: 1689608630969297.1689608630.1
.mgid.com/ Name: __cf_bm
Value: yZuExleW8RIK.Ajbw3v30jB4FVkfX7Hf8FZCI38Av3M-1689608630-0-AWbsFyiIM1IA2PbiV9caSjq2/nMyfCjypq3tQzuPGwCYImjZxJKcaLDI8KqJVXcQCiGLWj8wU1VeivawEXHCoKE=
.ukr.net/ Name: fuelId
Value: 4
.ukr.net/ Name: pcity
Value: 102940512
loadercdn.net/ Name: vui
Value: e58ea9aa11274de4b4fdc9687d116ebd
m.mixadvert.com/ Name: 10b12f370736f92325f38a6893c1cd3d
Value: 444323
m.mixadvert.com/ Name: a4b4b6d8d7c9c5e2bbfb8162a6658786
Value: 1
.go.rcvlink.com/ Name: cache
Value: tp7Z7tPbuGzz3h4
www.ukr.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ukr.net/ Name: _pubcid
Value: 97f6c0d4-3d9e-42ea-807c-3574bd5f5035
accounts.ukr.net/ Name: clapid
Value: 81xugwAAAAAqTmzxhptZNhtEg3G2NQRYbX6GESyNCqzVhk6SuYO4tg:SgDrD4lUBDEofYRohZpnZm2H18URWiisR8DJKOp3nrw
.ukr.net/ Name: _ga_75WQ2FHNW7
Value: GS1.1.1689608630.1.0.1689608630.60.0.0
.ukr.net/ Name: _ga
Value: GA1.1.634404049.1689608631
.criteo.com/ Name: uid
Value: 7df993b7-03f7-46f8-a9ea-1aced09d13e1
.ukr.net/ Name: cto_bundle
Value: XZi3W19vZVpIMUJGSiUyQjVURVNwemROUlpIbjVKNFoyV3g1SG5KZDBpNU5IOThrTTJhY2pWd2ZQeU9aZzJpc2RFbzVhd1RTMUpaRTFWS3J2WExDJTJCVHFEdFRsQU10SGFSaUROUHBIMGdwS1FZcnNZY1NLaDNYa1N3VHFOeTBHNElrVGJ6UkZvU1dVTUdEMUJiTVlEY3pkeGVGQ1pBJTNEJTNE
a4p.adpartner.pro/ Name: apuid
Value: 782d48d4-a500-446e-b426-c05fd62bb0de
.adtelligent.com/ Name: vmuid
Value: e39c395feb3f2885
.adtelligent.com/ Name: a307558
Value: 782d48d4-a500-446e-b426-c05fd62bb0de
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_3c09a160-acd2-49f5-9e1d-a888e0fd0eb8
.doubleclick.net/ Name: IDE
Value: AHWqTUn-KP-X70LQ7X9OCR_M4yAeTig0F7v1_T4OjVAzUsxsBGHVc-PCEPpkywil1h0
.trafmag.com/ Name: vid
Value: 6414479753149555
.ukr.net/ Name: __gads
Value: ID=b924a43a5cd14640:T=1689608631:RT=1689608631:S=ALNI_May93GKZTG8FvzB5a2wEckbDnQQTQ
.ukr.net/ Name: __gpi
Value: UID=00000c3eaaaa5f04:T=1689608631:RT=1689608631:S=ALNI_MZtNrPGSn3S6_07sxsJ01h-1xONLg
.adnxs.com/ Name: uuid2
Value: 111323736816486821
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImHHAvXf!@wnfH8K6pQK`!5=E<*L5?%K71+@+Mg@5e=3MN<$ch.P/a4pp/B`^Z5]'Z.p*bpRz*qF1`*b`+!*=:I<
.doubleclick.net/ Name: APC
Value: Aa3gxNqeXbg0pRDKqfxLrqP3imMCDtIQbBSQmjEKIJngw7dCtEQBvA
.casalemedia.com/ Name: CMID
Value: ZLVhuMtonAIb8fULe-NDGwAA
.casalemedia.com/ Name: CMPS
Value: 5143
.casalemedia.com/ Name: CMPRO
Value: 5143
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 57d58bc819bd943b
.tradedoubler.com/ Name: PI
Value: 1z11z1z126z1WIFpTz7ab3y1y21FmOy1FRDyyy7WPTyvUky2LPkEQyyF51viGDlNW5U.2mXjRpNrDBr54IREgNO_DTiIOiTEJh4k7KUsWlJ2NHQy
.tradedoubler.com/ Name: UI
Value: 1z11zz126zxIDegztbDyPGeh
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1689608633053,"clickCookie":false}}

3 Console Messages

Source Level URL
Text
network error URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Message:
Failed to load resource: the server responded with a status of 599 ()
rendering warning URL: https://upst.fwdcdn.com/js/runtime.js(Line 4)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other warning URL: https://77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
77a976ae4d81a7b709ab002c6ef5393d.safeframe.googlesyndication.com
a4p.adpartner.pro
accounts.ukr.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cookies.nextmillmedia.com
counter.ukr.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
imageproxy.eu.criteo.net
img.tradedoubler.com
impfr.tradedoubler.com
kinoafisha.ua
loadercdn.net
m.mixadvert.com
mail.ukr.net
medialead.de
mug.criteo.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
player.adtcdn.com
player.adtelligent.com
pv.medialead.de
region1.analytics.google.com
rtb.nl3.eu.criteo.com
s.znctrack.net
securepubads.g.doubleclick.net
servicer.mgid.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
track.webgains.com
trafmag.com
ukr.net
upst.fwdcdn.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
13.224.189.55
13.40.20.169
13.41.28.186
136.243.84.75
137.74.6.209
138.201.135.164
138.201.220.30
142.250.184.226
145.239.193.130
147.135.189.55
172.217.18.102
178.250.1.6
178.250.7.13
18.66.26.39
185.187.81.40
185.187.81.41
185.80.39.216
185.89.211.12
193.200.65.2
193.200.65.5
2001:4860:4802:34::36
209.205.201.34
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
212.42.83.135
216.52.2.48
23.227.139.243
2606:4700:1::6813:884e
2606:4700::6810:3865
2606:4700::6811:180e
2606:4700::6812:509
2606:4700:e2::ac40:8003
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9d
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::13
2a0b:4d07:101::1
35.186.231.97
45.133.44.3
54.158.62.28
94.23.99.218
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
058dc554b168867a3dcdf1ae0f5b4918f189116207b5a76393496fc886f7d92b
05d39b1c72b5c62baa8f7aa8259977190c0eb13a4f360ba8df3ec3c1274d1e72
069af66dec557d10a5d1cd561ec606d5126369ba1898e6646522df626a0ec11c
07991868a4cb6968052828c9278562e7a0b6ea7f38e4634bf6c5b6052f0ca259
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08fc807b6f0761f04903226d1362561623318797ff556534439d94a6810aa979
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da9a8ef5cff98cfc710d35881f0ffb60fe955f07e23db613d96ede4514015ad
0e3d7902609430e2b5f87914e061e99debec0ee68f09d9618b3426aea7c6dadb
0e7c6220e6826ddc014f0c6ef22d5b8d3cc08d099e25e71599738b9332bd7b1a
0ed2174019dc61fe770773eceb5e892dbeb2db35671dc22c3a4f561eb37609cd
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a9c161c49bcde9d17b7da46e46566a7887ca0511ca16c33db0e3f1e56cd513
14597b38efadd74b609462da1c880027f122115e156d62542082003a83994318
1a0b08799b5d5d5e438320bd65372a412814ab675b25c97795f6a31cf5f25060
1e912889862f3fc7ab971c4401fb00ff6a745158ea04c1c7dc692da663efd677
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
21d7ed474724491baa8d35de515636654c66eb3143e9faec370324ea7973b15a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32948ef4f1bb2a40f6effe07bb32411761cc5f72ac9bef20597f041c723bcf4f
352a7c32317f4ec49ee7a48025552d5846b1aea3493dd398ed90888d8efda396
352ed8d2fe26386602833203f937db8aca40903636bca0388fbe80b89f5eee9f
37e415e81bd7b165b05302768ecc9dc128d912de51c5fba371191a17dfa14d14
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
394b80962afda22f7e6f387454e642a5a39cd1a22203a34c1c2ce2c9a405528e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b7864973ab663baa7666611d2d528090bbb8e32ab076753d8bc487c4c3cf98d
3d4b65d6bfa903301b18b3f1c3733c663b19ef36e2ab8c79b8a196887bd6ef60
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49e577fac97ac13aa10c8cb9c1c0b5a655b56fb3b832a1eb81117d4a40394056
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560d8a7adbcd2ca1476bd189d1321ab364592a3cc553470d647c2fb91d2df31f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
601f13b2bff45c42d8ba8fc2310215b73d1b5bc75831edb41ed9c65ea70ab739
612cbc1ad76f7fed3e2fb5412bec3c578638ce5c1207ff864770c108b7dd365e
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638232833a2ba37206d367e5225e673f9a312b0c6cf085ad36b92e84cd0c6c07
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ba18418904e979cfda0e0c5d6ffd156dd51cc571d34b79e26cb92497b0312
6843283af14d595bc04e2e6b2ec8c6e3488a95bfa73c4099b8e073d0b69c6978
68fd912b1019de0ebc6e6fa4fb0aaba3f630780d477078d3bc135013bd6d665b
695bb206a26afcd4f41fa1559ed7a45d2edb1e1e5c7293faa4fee6f122a0b9a9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6c97f8d1b8f15ff99ac791d5fabca8fe16f34ad665347fcfa0899e8b7c813515
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6ead895cb3613763285f4634945adac321c91a5b1beb7f8ab99bae94c0b6d8de
7043a5da7152e40c7135ffa477bf64c6094206a44a765a561575c9894be24c10
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
76fbdf789f3e73c225f980ae443d9d41d78fb41883e1d3e2db5020de8693ada6
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d0d8bb221d441ab2cb441d5dc940f5476ddb3145a7d41aabfe4a09439b2c18e
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
7ee6e3885e07c30b95831227b0923f25b37b79ae5c410119604ea611d0b9eb47
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
818d58b19c8d7880927275783aa49da7573cdfa7c47ebfdf3ef062805b5827ac
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
8613ebc7bc5f463962a1dc1dc602ea704be9cd999cd65d85b3e291f3da823f20
8682c7dff8e6c00f6ac4b9e466aa97da31ab37209bdab4c2e26c65fd0047c91a
89c77a68c6308605f0c358a8362ce1d8a33aeaabf7e72771d9f31b562189b8eb
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8b8e69d8d3e8752863d65775e3a050dfb320a38606cf61f121ee0de6cd6b5d8a
8c99c2c7448d0fe3fd96224986fe8c1d1f3fcd7388aa49c57337e52fc8e9a7bd
8e2e9333587592a6aa0bebd81b30cf806a165fce7955563fc4b3559a66185d9b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92dba006cabf41eb6c946286123f214b6653c6b883a0a76b387a134d879c0579
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9cd8a30f60bbe41b0bef677711421e212f254da66b1888a58bd99df2e696b448
9d6aaa3f6f1f87c92430336a9cf099b383626f0d6ca9a3ba23996b5f5f53263c
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1432534ec0a3ad7a7d699489ba311b78ad54a4822236944cc26b26dc5632bcd
a1ba8f8220774d9214ce4e928fb54ffde4335550a67ebadbf2ae7f1111cbc1cb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a63361d24140fa2a1ac7881a0a98a929e0b174a8e8b8e30a4f160a5d3a0b204d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a822a07bc8c87cfe5c2285baeb80c3ae28c243bf4bc7d72528d9a85286c5a947
a831f0f3eddddc709196f47ad5ea76a241bc805caf0a97c00464321823d77962
a882852fb2e495b986d2a8882df49f71101511735a858ec8a98cf59d58ef343f
a9059e2468fad1795e13b94ab9151f00aec37d0886cd142a3ad857cf9f346347
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acdcabb3f770b00e5ffe2e7b60c669fe93eb0ca9cdb659f7bcb65e3bba91821a
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b9559033da1e7ca62d9b077dd22e5275e79fd31b5c71ef1875aaca531f1f6a
b2bece48e51af926e302a0b71c336ea9ddb958f574fffd615e2535bcc04c1488
b451211f57f7f908979094530d817c410fafed7467af07319d228bf14e6ce7c3
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
bacfcbb68c130c22ebf5752c243cdb05556361f9d18ffc48958df84b5bf9f34a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbb887a49e2e8186873fcec86a737765e754dd8c1baec61de458c565bbf3062
bd8e67d46817861c637724c861ad39fd7e8247caf31d309af6e899ff60e7586b
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3013a50365c22fe15e0bce332967f9ebe8d86d5062032531f1621a1f558ce3
ca4ed2c11d5f786be8fba6ecc1820626b3b959d4d1ded26a8560661e8fe8d7fa
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ce3d191458a5280f0c0464eef8cd073a26b56759eca6e5e7b2f9d3d11afa5cec
cecc6536a924ff73d6ef97ed8631cbb08ca12a8bf70b03c348936dc10475cacd
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
d445f6aae563afe37a62399d1df77e4d6fbc82e0efdaaebc1b8cafdd7397bc94
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
dbb79754b71375ffb819af902c7f8302db509bfe827bf585650290ffc71e8855
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e106e93dea77a8f23a94d289525ae1a5a0402d81bddcc081fe6c284600bace95
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e41b8286cd30e93210a880bd9641dfe13728c8a39e8d2ef8e06b99e81e653e5e
e5ef6b824d904ac5242d272b7fc78612e7a70c7721a3fe39e48e378fcf9d2331
e8c8b511f903f4c992ec4a90adbc7a66bdd6253ca7b6e1a00c8ca6ce92399c2b
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f241d9a80fe306631e3df08e22f112a4f348dc7cd305248700162a53430b1d90
f252e15ca38d024ed6516365a229ef07e23129f5bcc10a66504f40e302835ce4
f47ddcaefe756c183324610964fc0d40d34977d06a2affeec3a7e6fbd4236e2d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff5aa201c864f75bd31f77a1b07043d2ca550340fea1a0cb05339ff017747085