m.kontrakty.ua Open in urlscan Pro
161.35.18.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kontrakty.ua/
Effective URL:
https://m.kontrakty.ua/
Submission: On February 26 via api (February 26th 2022, 3:13:26 pm UTC) from GB — Scanned from GB

Summary HTTP 138 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 30 domains to perform 138 HTTP transactions. The main IP is 161.35.18.52, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is m.kontrakty.ua.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time m.kontrakty.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 20	161.35.18.52 161.35.18.52	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	178.248.233.231 178.248.233.231	197068 (QRATOR) (QRATOR)
3	2606:4700:310... 2606:4700:3108::ac42:2afa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:458f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	178.248.235.122 178.248.235.122	197068 (QRATOR) (QRATOR)
3	178.248.233.32 178.248.233.32	197068 (QRATOR) (QRATOR)
3	178.248.234.119 178.248.234.119	197068 (QRATOR) (QRATOR)
3	2604:9a00:210... 2604:9a00:2100:a017::170	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	80.247.32.208 80.247.32.208	25292 (VGTRK-AS) (VGTRK-AS)
3	82.202.190.240 82.202.190.240	209030 (KL-KDP) (KL-KDP)
2 4	178.248.234.76 178.248.234.76	197068 (QRATOR) (QRATOR)
3	186.2.163.126 186.2.163.126	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1	54.156.164.26 54.156.164.26	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
138	31

20 161.35.18.52 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

kontrakty.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.kontrakty.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.kontrakty.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.248.233.231 (Russian Federation)

ASN197068 (QRATOR, RU)

www.interfax.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2afa (United States)

ASN13335 (CLOUDFLARENET, US)

golospravdy.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:458f (United States)

ASN13335 (CLOUDFLARENET, US)

from-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.248.235.122 (Russian Federation) 3 redirects

ASN197068 (QRATOR, RU)

lenta.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.lenta.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.248.233.32 (Russian Federation)

ASN197068 (QRATOR, RU)

ria.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.248.234.119 (Russian Federation)

ASN197068 (QRATOR, RU)

www.rbc.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2604:9a00:2100:a017::170 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

www.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.247.32.208 (Moscow, Russian Federation)

ASN25292 (VGTRK-AS, RU)
PTR: front-farm-https.rfn.ru

smotrim.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.202.190.240 (Russian Federation)

ASN209030 (KL-KDP, RU)

tass.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.248.234.76 (Russian Federation) 2 redirects

ASN197068 (QRATOR, RU)

tvzvezda.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.tvzvezda.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 186.2.163.126 (Netherlands)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

vsoloviev.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.164.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-164-26.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	kontrakty.ua 2 redirects kontrakty.ua m.kontrakty.ua data.kontrakty.ua	63 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	228 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 Failed	211 KB
12	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 44426 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 218134 inv-nets.admixer.net — Cisco Umbrella Rank: 2092	177 KB
9	lenta.ru 3 redirects lenta.ru — Cisco Umbrella Rank: 90276 m.lenta.ru — Cisco Umbrella Rank: 214938	1 KB
4	tvzvezda.ru 2 redirects tvzvezda.ru — Cisco Umbrella Rank: 442303 m.tvzvezda.ru	786 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	52 KB
3	vsoloviev.ru vsoloviev.ru
3	tass.ru tass.ru — Cisco Umbrella Rank: 155986
3	smotrim.ru smotrim.ru — Cisco Umbrella Rank: 243536
3	rt.com www.rt.com — Cisco Umbrella Rank: 83169
3	rbc.ru www.rbc.ru — Cisco Umbrella Rank: 121325
3	ria.ru ria.ru — Cisco Umbrella Rank: 80788
3	from-ua.com from-ua.com
3	golospravdy.eu golospravdy.eu
3	interfax.ru www.interfax.ru — Cisco Umbrella Rank: 403280
3	google.com adservice.google.com — Cisco Umbrella Rank: 59 mts0.google.com — Cisco Umbrella Rank: 3491	33 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 865	485 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	77 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5583	914 B
1	advertising.com sync.adaptv.advertising.com — Cisco Umbrella Rank: 13788	14 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2590	173 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2478	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	645 B
0	gov.ru Failed zakupki.gov.ru Failed
0	sberbank.ru Failed online.sberbank.ru Failed sberbank.ru Failed
0	vesti.ru Failed www.vesti.ru Failed
0	1tv.ru Failed www.1tv.ru Failed
0	kremlin.ru Failed kremlin.ru Failed en.kremlin.ru Failed
138	30

	Domain	Requested by
10	data.kontrakty.ua	m.kontrakty.ua
9	tpc.googlesyndication.com	googleads.g.doubleclick.net 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
8	m.kontrakty.ua	m.kontrakty.ua
7	pagead2.googlesyndication.com	m.kontrakty.ua pagead2.googlesyndication.com googleads.g.doubleclick.net 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com www.googletagservices.com
6	m.lenta.ru	m.kontrakty.ua
6	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net m.kontrakty.ua www.googletagservices.com
6	cdn.admixer.net	m.kontrakty.ua prebid-inv-eu.admixer.net cdn.admixer.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	prebid-inv-eu.admixer.net	m.kontrakty.ua cdn.admixer.net
3	vsoloviev.ru	m.kontrakty.ua
3	tass.ru	m.kontrakty.ua
3	smotrim.ru	m.kontrakty.ua
3	www.rt.com	m.kontrakty.ua
3	www.rbc.ru	m.kontrakty.ua
3	ria.ru	m.kontrakty.ua
3	lenta.ru	3 redirects
3	from-ua.com	m.kontrakty.ua
3	golospravdy.eu	m.kontrakty.ua
3	www.interfax.ru	m.kontrakty.ua
2	onetag-sys.com	1 redirects m.kontrakty.ua
2	cm.g.doubleclick.net	m.kontrakty.ua 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
2	59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	m.tvzvezda.ru	m.kontrakty.ua
2	tvzvezda.ru	2 redirects
2	inv-nets.admixer.net	cdn.admixer.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	kontrakty.ua	2 redirects
1	sync.adaptv.advertising.com	59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
1	tr.blismedia.com	59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	zakupki.gov.ru Failed	m.kontrakty.ua
0	sberbank.ru Failed	m.kontrakty.ua
0	online.sberbank.ru Failed	m.kontrakty.ua
0	www.vesti.ru Failed	m.kontrakty.ua
0	www.1tv.ru Failed	m.kontrakty.ua
0	en.kremlin.ru Failed	m.kontrakty.ua
0	kremlin.ru Failed	m.kontrakty.ua
138	44

This site contains links to these domains. Also see Links.

Domain
kontrakty.ua

Subject Issuer	Validity	Valid
kontrakty.ua R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
data.kontrakty.ua R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.interfax.ru RU-CENTER High Assurance Services CA 2	`2021-10-25` - `2022-10-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
from-ua.com Cloudflare Inc ECC CA-3	`2021-05-12` - `2022-05-11`	a year	crt.sh
*.lenta.ru GlobalSign ECC OV SSL CA 2018	`2021-12-03` - `2023-01-02`	a year	crt.sh
*.ria.ru RU-CENTER High Assurance Services CA 2	`2021-03-25` - `2022-04-06`	a year	crt.sh
rbc.ru R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.rt.com GeoTrust RSA CA 2018	`2021-05-11` - `2022-06-11`	a year	crt.sh
*.smotrim.ru Thawte RSA CA 2018	`2021-03-25` - `2022-04-25`	a year	crt.sh
*.tass.ru Sectigo RSA Organization Validation Secure Server CA	`2021-12-29` - `2023-01-27`	a year	crt.sh
vsoloviev.ru R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://m.kontrakty.ua/
Frame ID: E464F25E0CAFEFB34070FE6322EBABFE
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: 9C59FDFDBFE8F721309891D965845EC9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44180/c.html?b=44180
Frame ID: 0BABE8935A7F30DC71F80C3E75DD091D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&h=50&slotname=6243009167&adk=3561409151&adf=71512883&pi=t.ma~as.6243009167&w=320&psa=0&format=320x50&url=%2F%2Fkontrakty.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375830&bpp=3&bdt=379&idt=136&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=2722736175772&frm=20&pv=2&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ndKvSTUKhg&p=https%3A//m.kontrakty.ua&dtd=154
Frame ID: D23B0304003FF62AC560935A1FA0178A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&h=100&slotname=3425268440&adk=818464193&adf=3609311622&pi=t.ma~as.3425268440&w=320&psa=0&format=320x100&url=%2F%2Fkontrakty.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375833&bpp=1&bdt=383&idt=165&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=2722736175772&frm=20&pv=1&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KHjR2PlN1H&p=https%3A//m.kontrakty.ua&dtd=168
Frame ID: ABE24AC40CB33A77EC07D9F1E348E91E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&adk=1812271804&adf=3025194257&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=%2F%2Fkontrakty.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375843&bpp=1&bdt=393&idt=161&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C320x100&nras=1&correlator=2722736175772&frm=20&pv=1&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=167
Frame ID: 8DDFAB95640E230234676E1552ABC19E
Requests: 1 HTTP requests in this frame

Frame: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0E6310A4C52562238E39573DB3B52D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js
Frame ID: AEBDE319E9FB00DB3745C73E0EF377A5
Requests: 1 HTTP requests in this frame

Frame: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF736FDE810034190F73CEF66CBDE06D
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE9A6C8D4D2DE37154B627CF7D5D40FC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js
Frame ID: 5913C432495F892910F7507EAD472A06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Контракты онлайн

Page URL History Show full URLs

http://kontrakty.ua/ HTTP 301
https://kontrakty.ua/ HTTP 301
https://m.kontrakty.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

138
Requests

76 %
HTTPS

50 %
IPv6

30
Domains

44
Subdomains

31
IPs

7
Countries

844 kB
Transfer

2210 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kontrakty.ua/reclama.html
Title: Размещение рекламы

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kontrakty.ua/ HTTP 301
https://kontrakty.ua/ HTTP 301
https://m.kontrakty.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://lenta.ru/?rnd=16458883760761 HTTP 301
https://m.lenta.ru/?rnd=16458883760761

Request Chain 49

https://tvzvezda.ru/?rnd=16458883760761 HTTP 302
https://m.tvzvezda.ru/?rnd=16458883760761

Request Chain 59

https://lenta.ru/?rnd=16458883760782 HTTP 301
https://m.lenta.ru/?rnd=16458883760782

Request Chain 69

https://tvzvezda.ru/?rnd=16458883760782 HTTP 302
https://m.tvzvezda.ru/?rnd=16458883760782

Request Chain 79

https://lenta.ru/?rnd=16458883760783 HTTP 301
https://m.lenta.ru/?rnd=16458883760783

Request Chain 89

https://tvzvezda.ru/?rnd=16458883760783 HTTP 302
https://m.tvzvezda.ru/?rnd=16458883760783

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg

Request Chain 133

https://onetag-sys.com/sync/i,19/?google_gid=CAESEGJtR9Oc0FXE5Ba5TRwEmp8&google_cver=1&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn

Request Chain 134

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGJtR9Oc0FXE5Ba5TRwEmp8&google_cver=1&google_push=AYg5qPJ2hOdTgKJ1X4eINaXihcxh7YjIUIDKC-r2u70MYyPWudBZrHgDPF-YFrtdRHg8wjRSyO0eV5lwoqZptFnusroj2eH4-a_cFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJ2hOdTgKJ1X4eINaXihcxh7YjIUIDKC-r2u70MYyPWudBZrHgDPF-YFrtdRHg8wjRSyO0eV5lwoqZptFnusroj2eH4-a_cFg HTTP 302
https://onetag-sys.com/sync/i,19/?google_error=5

138 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
m.kontrakty.ua/
Redirect Chain

http://kontrakty.ua/
https://kontrakty.ua/
https://m.kontrakty.ua/

24 KB
7 KB

200ms
100ms

Document
text/html

161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 0933f8df7b47dc2e7197415f47a6d595a4d157d847622e7465325778004a8e7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: openresty
Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-T: 0.053570985794067
X-Controller: 0.053941965103149
X-Execute: 0.058423042297363 0.42188906669617
X-Autoload: 0.0018777847290039 65, 6
X-UA-Compatible: IE=edge
X-FastCGI-Cache: EXPIRED
Content-Encoding: gzip

Redirect headers

Server: openresty
Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Keep-Alive: timeout=10
Location: https://m.kontrakty.ua/
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK template.css
m.kontrakty.ua/css/ 3 KB
1 KB 40ms
40ms Stylesheet
text/css 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/css/template.css
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 5aee81a1651efdd0e8e59dd7ae8be679097625ff409f7b453a313fee98c4bb74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Mar 2014 07:57:53 GMT
Server: openresty
ETag: W/"5322b681-ae5"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Keep-Alive: timeout=10
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK icons.css
m.kontrakty.ua/css/ 954 B
680 B 80ms
39ms Stylesheet
text/css 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/css/icons.css
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 2a25e6ed978495951ec59abf38475d23474be3a4761940c536f2dce8352f00a4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Oct 2020 17:39:48 GMT
Server: openresty
ETag: "5f9466e4-144"
Content-Type: text/css
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 324
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK kube.min.css
m.kontrakty.ua/css/ 20 KB
5 KB 118ms
40ms Stylesheet
text/css 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/css/kube.min.css
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 30f02a29bac64ba7e391c727821cb4423e834d38c042799059ad8f4918e453b3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Mar 2014 07:58:19 GMT
Server: openresty
ETag: W/"5322b69b-4efd"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Keep-Alive: timeout=10
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK master.css
m.kontrakty.ua/css/ 723 B
1 KB 118ms
40ms Stylesheet
text/css 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/css/master.css
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 407930060b7c2f0eec1a5e47d76252f839301a9e58aa92c12784fdb3e259f0ca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Mon, 17 Jun 2013 10:09:47 GMT
Server: openresty
ETag: "51bee06b-2d3"
Content-Type: text/css
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 723
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 259ms
83ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 06b36cf6d996895ec58d20d71d424c0d056fd1b6dfe7678fecbcd4a89e4d9363

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 15:08:04 GMT
server: nginx
etag: W/"621a4254-2c0e6"
x-cached-since: 2022-02-26T15:09:27+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Sat, 26 Feb 2022 15:19:27 GMT

GET
H/1.1 200
OK facebook_com_kyivcity_gov_ua_35_650x410_26.02.22.jpg
data.kontrakty.ua/cache/www/300,150/images/stories/ 11 KB
12 KB 177ms
77ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/300,150/images/stories/facebook_com_kyivcity_gov_ua_35_650x410_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: dde36d3393648e3fd9d0986e22681aa33e1d5070a50e5e2a0d01f9092f9bab71

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Feb 2022 15:12:55 GMT
Server: Microsoft-IIS/7.5
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: , *.kontrakty.ua
Access-Control-Allow-Credentials: true
X-GEN: TRUE
Connection: keep-alive
Keep-Alive: timeout=10
Retry-After: Sun, 27 Feb 2022 17:12:55 +0200
X-UA-Compatible: IE=edge

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 169ms
86ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa9daa474e1cc9336a50452b90842a7a0731361320a2c9bc7ba1b270afbfb279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53773
x-xss-protection: 0
server: cafe
etag: 10286365684214431723
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK aerial-view-of-various-coffee_26.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
3 KB 217ms
118ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/aerial-view-of-various-coffee_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: f1cdc84bef65eff8fcefaa6dc752ee7686bfd1da812eb27cf194305ea4d00fce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Feb 2022 15:12:55 GMT
Server: Microsoft-IIS/7.5
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: , *.kontrakty.ua
Access-Control-Allow-Credentials: true
X-GEN: TRUE
Connection: keep-alive
Keep-Alive: timeout=10
Retry-After: Sun, 27 Feb 2022 17:12:55 +0200
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK 630_360_1514467919-4008_26.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
3 KB 149ms
50ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/630_360_1514467919-4008_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: d68f896be68bb5972f012d486c76af780945334a7f6662064a5879075eb1adef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Sat, 26 Feb 2022 15:04:05 GMT
Server: openresty
ETag: "621a4165-bfd"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 3069
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK 630_360_1645870926-256_26.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
3 KB 150ms
50ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/630_360_1645870926-256_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 7292bcf4720de79b8558c82ba3fbd592652e3d686cb3e58a1e5f7a77ee8ebacb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Sat, 26 Feb 2022 14:42:35 GMT
Server: openresty
ETag: "621a3c5b-af4"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 2804
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK _pasta_freepik_com_650x410_26.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
3 KB 138ms
39ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/_pasta_freepik_com_650x410_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 2a58d2b27c2d2b801dcd06e547f942ba174fce5f2f0621abd2e31ca45cad79aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Sat, 26 Feb 2022 14:20:57 GMT
Server: openresty
ETag: "621a3749-c0b"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 3083
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK chf1_181021_550_1__650x410_1_650x410_25.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 2 KB
2 KB 139ms
38ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/chf1_181021_550_1__650x410_1_650x410_25.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 4eae4f2e453ea09fd58fcc921cffd417c6c7bcd21e28b940680605e90b6754aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Sat, 26 Feb 2022 02:02:52 GMT
Server: openresty
ETag: "62198a4c-6b4"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1716
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK _gettyimages_1233901681_3_1300x820_1_650x410_25.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
3 KB 39ms
39ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/_gettyimages_1233901681_3_1300x820_1_650x410_25.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 8d4ae1cf6ab7adc95886741318f58bfb74e3db89de06838125e54e7710bbeebf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Fri, 25 Feb 2022 17:50:23 GMT
Server: openresty
ETag: "621916df-a95"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 2709
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK image_2022_02_24_05_52_28_1_480x270.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 2 KB
2 KB 39ms
39ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/image_2022_02_24_05_52_28_1_480x270.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 030e691c53fe50cc2032d4aba8946332eec105229b04dd7e1a6a2549c7f5590f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Thu, 24 Feb 2022 09:47:01 GMT
Server: openresty
ETag: "62175415-758"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1880
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK Lavr_Pytin_14.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 3 KB
4 KB 40ms
39ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/Lavr_Pytin_14.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: a7fc43568d7f616049a321e68d3206d814ae915ced002a56a8b52450c5c262c1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Mon, 14 Feb 2022 17:54:44 GMT
Server: openresty
ETag: "620a9764-cb1"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 3249
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK photo_2022-02-25_20-22-57_26.02.22.jpg
data.kontrakty.ua/cache/www/120,80/images/stories/ 4 KB
4 KB 40ms
40ms Image
image/jpeg 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.kontrakty.ua/cache/www/120,80/images/stories/photo_2022-02-25_20-22-57_26.02.22.jpg
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: a11958ef48b56127be9f7502a09b1256f443ff61b3443f54f65d62c0b99ec491

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Fri, 25 Feb 2022 20:50:17 GMT
Server: openresty
ETag: "62194109-e1b"
Content-Type: image/jpeg
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 3611
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 0
230 B 126ms
36ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a53252f8-0f5b-4086-9c6f-a9c92966cfa1
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 8 KB
8 KB 128ms
38ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=1799c027-b1c2-4e5b-b5c1-d16137927700&modules=catfishFloatType
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: db8533966ea08de80f74a636022baf39c27c2369218367c50514b4417a87b8a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK font.css
m.kontrakty.ua/css/ 2 KB
1 KB 77ms
40ms Stylesheet
text/css 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/css/font.css
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: a465f215b29b9cb19ab1b57daa53d47c51dff65079002ae665936f0df420db56

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/css/template.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2013 13:40:18 GMT
Server: openresty
ETag: W/"51c06342-926"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Keep-Alive: timeout=10
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK menu-icon.png
m.kontrakty.ua/img/ 1 KB
1 KB 40ms
39ms Image
image/png 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.kontrakty.ua/img/menu-icon.png
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: e67d6e5346c9f9990ce390990a5f00cf48facf941df6bfab6c710fa8585a53cf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/css/template.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Tue, 18 Jun 2013 12:57:56 GMT
Server: openresty
ETag: "51c05954-462"
Content-Type: image/png
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1122
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H/1.1 200
OK icomoon.woff
m.kontrakty.ua/fonts/ 6 KB
6 KB 40ms
40ms Font
font/woff 161.35.18.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://m.kontrakty.ua/fonts/icomoon.woff
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/css/font.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.18.52 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 00071a0992c715ec565c22d5618faed9c40bfa4d02a33fcac4f228b2d597f655

Request headers

Referer: https://m.kontrakty.ua/css/font.css
Origin: https://m.kontrakty.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Sat, 26 Feb 2022 15:12:55 GMT
Last-Modified: Tue, 18 Jun 2013 13:37:57 GMT
Server: openresty
ETag: "51c062b5-1628"
Content-Type: font/woff
Cache-Control: max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 5672
Expires: Sun, 27 Feb 2022 15:12:55 GMT

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 225 KB
83 KB 233ms
83ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,catfishFloatType,currency,intersectionRtdProvider,schain,smartadserverBidAdapter&dev=true&rnd=268435462&hash=1297728892
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=1799c027-b1c2-4e5b-b5c1-d16137927700&modules=catfishFloatType
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 32310c9f572cf6cb69f1543996d9a299170f634fde6218442c408c7871d6affe

Request headers

Referer: https://m.kontrakty.ua/
Origin: https://m.kontrakty.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 18:06:51 GMT
server: nginx
etag: W/"61e9a4bb-3832f"
vary: Accept-Encoding
x-cached-since: 2022-02-25T04:32:36+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Sun, 26 Feb 2023 04:32:36 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 505 B
581 B 120ms
75ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=1799c027-b1c2-4e5b-b5c1-d16137927700&modules=catfishFloatType
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 00dd96081977e3c4392669bd136716d853546208a5259586111293d312b6596f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:31:56 GMT
server: nginx
etag: W/"6063365c-1f9"
vary: Accept-Encoding
x-cached-since: 2022-02-02T13:18:04+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Fri, 03 Feb 2023 13:18:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3379969116950199&plah=m.kontrakty.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4545ea775b4d568be77c65ae999a56d7a3d62f832427801973bfed3dc9d814c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 9197668695526345071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Feb 2022 15:12:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame 9C59 10 KB
5 KB 121ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 26 Feb 2022 04:58:03 GMT
expires: Sat, 12 Mar 2022 04:58:03 GMT
cache-control: public, max-age=1209600
age: 36892
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 443ms
347ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

1b634ddda5dfa7f66b67e4fe703073c46d3d7cf50f8cb5cb9e326f9baae08ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27405
x-xss-protection: 0
server: sffe
etag: "1143 / 752 of 1000 / last-modified: 1645830345"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Feb 2022 15:12:56 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44180/ Frame 0BAB 738 B
508 B 78ms
77ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44180/c.html?b=44180
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

server: nginx
date: Sat, 26 Feb 2022 15:12:56 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 15:08:18 GMT
vary: Accept-Encoding
etag: W/"621a4262-2e2"
expires: Mon, 27 Feb 2023 15:09:28 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T15:09:28+00:00
x-id: fr5-up-gc33
content-encoding: gzip

GET
H2 200 0967ebea4a2a8854ab82.b.js Show response
cdn.admixer.net/scripts3/44180/ 23 KB
8 KB 81ms
81ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44180/0967ebea4a2a8854ab82.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 15:08:05 GMT
server: nginx
etag: W/"621a4255-5d41"
vary: Accept-Encoding
x-cached-since: 2022-02-26T15:09:28+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 15:09:28 GMT

GET
H2 200 745c210e0981087636bb.b.js Show response
cdn.admixer.net/scripts3/44180/ 75 KB
20 KB 89ms
88ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44180/745c210e0981087636bb.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4228774a5c28f8b4625ad77fbe9bd484979ec75bdbb57f1339802dc0388a16a7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 15:08:12 GMT
server: nginx
etag: W/"621a425c-12cd6"
vary: Accept-Encoding
x-cached-since: 2022-02-26T15:09:28+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 15:09:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 44ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=m.kontrakty.ua&callback=_gfp_s_&client=ca-pub-3379969116950199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3379969116950199&plah=m.kontrakty.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c2907d59f3f82d0c45c8217536b9e91365cee0b10ca01ccdf716db40bf81a01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 125ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=m.kontrakty.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
46ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.kontrakty.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D23B 61 KB
24 KB 545ms
502ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&h=50&slotname=6243009167&adk=3561409151&adf=71512883&pi=t.ma~as.6243009167&w=320&psa=0&format=320x50&url=%2F%2Fkontrakty.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375830&bpp=3&bdt=379&idt=136&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=2722736175772&frm=20&pv=2&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ndKvSTUKhg&p=https%3A//m.kontrakty.ua&dtd=154

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42440475dee1db5ffb081e8ee8323e11659e1037740a35743a26329334971451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Feb 2022 15:12:56 GMT
server: cafe
content-length: 24070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 15:12:56 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABE2 603 B
68 B 289ms
262ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&h=100&slotname=3425268440&adk=818464193&adf=3609311622&pi=t.ma~as.3425268440&w=320&psa=0&format=320x100&url=%2F%2Fkontrakty.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375833&bpp=1&bdt=383&idt=165&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=2722736175772&frm=20&pv=1&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KHjR2PlN1H&p=https%3A//m.kontrakty.ua&dtd=168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Feb 2022 15:12:56 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 15:12:56 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DDF 0
19 B 60ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&adk=1812271804&adf=3025194257&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=%2F%2Fkontrakty.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375843&bpp=1&bdt=393&idt=161&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C320x100&nras=1&correlator=2722736175772&frm=20&pv=1&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=167

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Feb 2022 15:12:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 15:12:56 GMT
cache-control: private

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
504 B 156ms
77ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,catfishFloatType,currency,intersectionRtdProvider,schain,smartadserverBidAdapter&dev=true&rnd=268435462&hash=1297728892

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.kontrakty.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 26 Feb 2022 15:12:56 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://m.kontrakty.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 502
Bad Gateway /
www.interfax.ru/ 0
0 235ms
97ms Image
text/html 178.248.233.231
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interfax.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.231 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 403 /
golospravdy.eu/ 0
0 114ms
40ms Image
text/html 2606:4700:3108::ac42:2afa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golospravdy.eu/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 502 /
from-ua.com/ 0
0 184ms
93ms Image
text/html 2606:4700:20::ac43:458f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://from-ua.com/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:458f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1

200
OK

/
m.lenta.ru/
Redirect Chain

https://lenta.ru/?rnd=16458883760761
https://m.lenta.ru/?rnd=16458883760761

0
0

224ms
165ms

Image
text/html

178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Sat, 26 Feb 2022 15:12:56 GMT
Server: QRATOR
Vary: User-Agent
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location: https://m.lenta.ru/?rnd=16458883760761
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=15

GET
H/1.1 200
OK /
m.lenta.ru/ 0
0 238ms
160ms Image
text/html 178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable /
ria.ru/ 0
0 20231ms
20157ms Image
text/html 178.248.233.32
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ria.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.32 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable /
ria.ru/lenta/ 0
0 20242ms
20167ms Image
text/html 178.248.233.32
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ria.ru/lenta/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.32 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK /
www.rbc.ru/ 0
0 278ms
199ms Image
text/html 178.248.234.119
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.234.119 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 /
www.rt.com/ 0
0 440ms
214ms Image
text/html 2604:9a00:2100:a017::170
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rt.com/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:9a00:2100:a017::170 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
kremlin.ru/ 0
0

GET /
en.kremlin.ru/ 0
0

GET
H/1.1 503
Service Temporarily Unavailable /
smotrim.ru/ 0
0 2291ms
114ms Image
text/html 80.247.32.208
VGTRK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smotrim.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.247.32.208 Moscow, Russian Federation, ASN25292 (VGTRK-AS, RU),
Reverse DNS: front-farm-https.rfn.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK /
tass.ru/ 0
0 607ms
315ms Image
text/html 82.202.190.240
KL-KDP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tass.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.190.240 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1

200
OK

/
m.tvzvezda.ru/
Redirect Chain

https://tvzvezda.ru/?rnd=16458883760761
https://m.tvzvezda.ru/?rnd=16458883760761

0
0

11617ms
11537ms

Image
text/html

178.248.234.76
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tvzvezda.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Server: 178.248.234.76 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Sat, 26 Feb 2022 15:12:56 GMT
Server: QRATOR
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/html
Location: https://m.tvzvezda.ru/?rnd=16458883760761
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Cache-Control,Content-Type
Content-Length: 138
Keep-Alive: timeout=15

GET
H2 403 /
vsoloviev.ru/ 0
0 111ms
39ms Image
text/html 186.2.163.126
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsoloviev.ru/?rnd=16458883760761
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 186.2.163.126 , Netherlands, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
www.1tv.ru/ 0
0

GET /
www.vesti.ru/ 0
0

GET /
online.sberbank.ru/ 0
0

GET /
sberbank.ru/ 0
0

GET /
zakupki.gov.ru/ 0
0

GET
H/1.1 502
Bad Gateway /
www.interfax.ru/ 0
0 165ms
96ms Image
text/html 178.248.233.231
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interfax.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.231 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 403 /
golospravdy.eu/ 0
0 83ms
46ms Image
text/html 2606:4700:3108::ac42:2afa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golospravdy.eu/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 502 /
from-ua.com/ 0
0 81ms
80ms Image
text/html 2606:4700:20::ac43:458f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://from-ua.com/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:458f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1

200
OK

/
m.lenta.ru/
Redirect Chain

https://lenta.ru/?rnd=16458883760782
https://m.lenta.ru/?rnd=16458883760782

0
0

240ms
168ms

Image
text/html

178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Sat, 26 Feb 2022 15:13:01 GMT
Server: QRATOR
Vary: User-Agent
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location: https://m.lenta.ru/?rnd=16458883760782
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=15

GET
H/1.1 200
OK /
m.lenta.ru/ 0
0 239ms
179ms Image
text/html 178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK /
ria.ru/ 0
0 11358ms
11275ms Image
text/html 178.248.233.32
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ria.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.32 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
ria.ru/lenta/ 0
0

GET
H/1.1 200
OK /
www.rbc.ru/ 0
0 261ms
195ms Image
text/html 178.248.234.119
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.234.119 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 /
www.rt.com/ 0
0 254ms
249ms Image
text/html 2604:9a00:2100:a017::170
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rt.com/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:9a00:2100:a017::170 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
kremlin.ru/ 0
0

GET /
en.kremlin.ru/ 0
0

GET
H/1.1 503
Service Temporarily Unavailable /
smotrim.ru/ 0
0 467ms
133ms Image
text/html 80.247.32.208
VGTRK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smotrim.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.247.32.208 Moscow, Russian Federation, ASN25292 (VGTRK-AS, RU),
Reverse DNS: front-farm-https.rfn.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK /
tass.ru/ 0
0 357ms
218ms Image
text/html 82.202.190.240
KL-KDP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tass.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.190.240 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1

200
OK

/
m.tvzvezda.ru/
Redirect Chain

https://tvzvezda.ru/?rnd=16458883760782
https://m.tvzvezda.ru/?rnd=16458883760782

0
0

5703ms
5636ms

Image
text/html

178.248.234.76
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tvzvezda.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Server: 178.248.234.76 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Sat, 26 Feb 2022 15:13:14 GMT
Server: QRATOR
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/html
Location: https://m.tvzvezda.ru/?rnd=16458883760782
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Cache-Control,Content-Type
Content-Length: 138
Keep-Alive: timeout=15

GET
H2 403 /
vsoloviev.ru/ 0
0 81ms
76ms Image
text/html 186.2.163.126
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsoloviev.ru/?rnd=16458883760782
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 186.2.163.126 , Netherlands, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
www.1tv.ru/ 0
0

GET /
www.vesti.ru/ 0
0

GET /
online.sberbank.ru/ 0
0

GET /
sberbank.ru/ 0
0

GET /
zakupki.gov.ru/ 0
0

GET
H/1.1 502
Bad Gateway /
www.interfax.ru/ 0
0 159ms
94ms Image
text/html 178.248.233.231
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.interfax.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.231 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 403 /
golospravdy.eu/ 0
0 39ms
34ms Image
text/html 2606:4700:3108::ac42:2afa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://golospravdy.eu/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 502 /
from-ua.com/ 0
0 83ms
78ms Image
text/html 2606:4700:20::ac43:458f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://from-ua.com/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:458f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1

200
OK

/
m.lenta.ru/
Redirect Chain

https://lenta.ru/?rnd=16458883760783
https://m.lenta.ru/?rnd=16458883760783

0
0

223ms
164ms

Image
text/html

178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Sat, 26 Feb 2022 15:13:13 GMT
Server: QRATOR
Vary: User-Agent
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location: https://m.lenta.ru/?rnd=16458883760783
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=15

GET
H/1.1 200
OK /
m.lenta.ru/ 0
0 234ms
169ms Image
text/html 178.248.235.122
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.lenta.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.235.122 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
ria.ru/ 0
0

GET /
ria.ru/lenta/ 0
0

GET
H/1.1 200
OK /
www.rbc.ru/ 0
0 276ms
210ms Image
text/html 178.248.234.119
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rbc.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.234.119 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 /
www.rt.com/ 0
0 1415ms
1410ms Image
text/html 2604:9a00:2100:a017::170
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rt.com/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:9a00:2100:a017::170 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
kremlin.ru/ 0
0

GET /
en.kremlin.ru/ 0
0

GET
H/1.1 503
Service Temporarily Unavailable /
smotrim.ru/ 0
0 2723ms
1429ms Image
text/html 80.247.32.208
VGTRK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smotrim.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.247.32.208 Moscow, Russian Federation, ASN25292 (VGTRK-AS, RU),
Reverse DNS: front-farm-https.rfn.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK /
tass.ru/ 0
0 368ms
222ms Image
text/html 82.202.190.240
KL-KDP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tass.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.190.240 , Russian Federation, ASN209030 (KL-KDP, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET

/
m.tvzvezda.ru/
Redirect Chain

https://tvzvezda.ru/?rnd=16458883760783
https://m.tvzvezda.ru/?rnd=16458883760783

0
0

GET
H2 403 /
vsoloviev.ru/ 0
0 49ms
45ms Image
text/html 186.2.163.126
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsoloviev.ru/?rnd=16458883760783
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 186.2.163.126 , Netherlands, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET /
www.1tv.ru/ 0
0

GET /
www.vesti.ru/ 0
0

GET /
online.sberbank.ru/ 0
0

GET /
sberbank.ru/ 0
0

GET /
zakupki.gov.ru/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
241 B 43ms
39ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.kontrakty.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEyAEyB2vStR56B5L

Response headers

Access-Control-Allow-Origin: https://m.kontrakty.ua
Date: Sat, 26 Feb 2022 15:13:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 pubads_impl_2022022201.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 79ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 13:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125154
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:34:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Feb 2023 13:34:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 117 B
123 B 88ms
45ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.kontrakty.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

037ddba9de32cd2e9361db1595197d8efa72d43c56754acdc92448ca267ef7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Sat, 26 Feb 2022 15:12:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 87ms
43ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=m.kontrakty.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
45ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.kontrakty.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 105 KB
33 KB 362ms
362ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=207437427386729&correlator=924641234588098&output=ldjh&impl=fifs&eid=31064905%2C31065295%2C44757101&vrg=2022022201&ptt=17&sc=1&sfv=1-0-38&ecs=20220226&iu_parts=29636627%3A22645080369%2Ckontrakty.ua_320%D1%85250_catfish_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100%7C300x50%7C300x75%7C320x50%7C320x75%7C320x100%7C320x250&eri=1&cookie=ID%3Dd896fe34161db73e-228af1764dcd00e6%3AT%3D1645888375%3ART%3D1645888375%3AS%3DALNI_MZiqVtd1tYebI_nPH7rz7N5fgx3RQ&bc=31&abxe=1&dt=1645888376549&lmt=1645888376&dlt=1645888375450&idt=1048&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=2675&ucis=1&adks=1365402155&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fm.kontrakty.ua%2F&vis=1&scr_x=0&scr_y=0&psz=1600x2654&msz=1600x0&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c752817d54c6369cf49972be2cf117e9cd1d2ddb8e3ba056f1d9c529f5ea50b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33725
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.kontrakty.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C0E6 6 KB
4 KB 161ms
42ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 26 Feb 2022 15:12:56 GMT
expires: Sun, 26 Feb 2023 15:12:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame D23B 7 KB
1 KB 124ms
44ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3379969116950199&output=html&h=50&slotname=6243009167&adk=3561409151&adf=71512883&pi=t.ma~as.6243009167&w=320&psa=0&format=320x50&url=%2F%2Fkontrakty.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645888375830&bpp=3&bdt=379&idt=136&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=2722736175772&frm=20&pv=2&ga_vid=124734457.1645888376&ga_sid=1645888376&ga_hid=615828501&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C182982100%2C182982300&oid=2&pvsid=207437427386729&pem=520&tmod=2023288240&uas=0&nvt=1&loc=https%3A%2F%2Fm.kontrakty.ua%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ndKvSTUKhg&p=https%3A//m.kontrakty.ua&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 14:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Feb 2022 15:12:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Feb 2022 15:12:56 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame D23B 2 KB
984 B 136ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:08:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame D23B 19 KB
8 KB 126ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:02:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame D23B 2 KB
1 KB 134ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:02:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D23B 124 KB
39 KB 252ms
172ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 15:12:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame D23B 15 KB
6 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:01:50 GMT

GET
H2 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame D23B 28 KB
12 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4263472231497621540/ Frame D23B 3 KB
3 KB 134ms
46ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4263472231497621540/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0a288dbdecaf9e6a38e6e0c29115b0989d29b10294833bff5b5879fd80eb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 21 Feb 2022 02:35:04 GMT
x-content-type-options: nosniff
age: 477472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2681
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 16:01:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Feb 2023 02:35:04 GMT

GET
DATA 200
OK truncated
/ Frame D23B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc57a2277ce5318c567047623888b60d09b10ced1600c9875f58464678a079dd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js Show response
pagead2.googlesyndication.com/bg/ Frame AEBD 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

891bbb47d2add07dd4c05d7ecd02bb2cb830225f03691961af7aa92931c20c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 12:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 12:58:16 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
241 B 42ms
39ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.kontrakty.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKS8UMGoj5mz9urU8

Response headers

Access-Control-Allow-Origin: https://m.kontrakty.ua
Date: Sat, 26 Feb 2022 15:13:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF73 6 KB
3 KB 79ms
35ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://m.kontrakty.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Feb 2022 15:12:56 GMT
expires: Sun, 26 Feb 2023 15:12:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame EF73 8 KB
895 B 89ms
45ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 14:15:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Feb 2022 15:12:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Feb 2022 15:12:57 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame EF73 2 KB
904 B 90ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:08:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF73 0
0 111ms
110ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBQbXeEMaYvLeJrGI9u8PlLyt-Aroso6laJ3Aq6GVD2QQASDj4LwjYLuGgIDQCqABt4TL_APIAQmpAqdKxp2TgbY-4AIAqAMByAPLBKoEmQJP0Ng72ANVM7khcSjEZGOMM08jKYGsF43qJhskjpA1cHdYd-RDdeLqvFSTo1m3sRmyPuYkTxq7XXxM2xTWnOqT17UxD85H4rcSZaae0CJY9AOxtuts5g3_i9CDHMBaGxBH255yGTYvO_uMFo_7LtwgzhAUmVr41TfLR_yvGPUTJO2mkiWLif5JqgZjSRdZNP934Ha_EInR2mO_QnzHW_et7zSK-Hy1Qunwi3G7dwy4Blc2PEH-91bHzmV4CDERambpOMx28o7bqf2s4pYuvQ6WVE70GK4F7AvoK0oP04Z6mG6_ZqYEHJ1XaIwG8OOtAPEHmKo98UHRBQaXZi9cbXSTL3Hjwr5xfjcJHz2XTtp2aIi4qlrz060HkcAEncTS9soD4AQBiAXjgsPpM5IFBAgEGAGSBQQIBRgEoAYu2AYCgAex-7QDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDWgCPexqASwCALSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUxMTg0Mzg3MTk0MjkxNjOACgPICwGYDKKe0o2_A7gTgwTYEw6CFBAaDm0ua29udHJha3R5LnVh0BUBmBYBgBcBshceChwIABIUcHViLTMzNzk5NjkxMTY5NTAxOTkYi7oS&sigh=JiyO-eBHHcU&uach_m=[UACH]&template_id=515
Requested by: Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame EF73 19 KB
8 KB 79ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:08:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame EF73 2 KB
1 KB 90ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:03:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame EF73 15 KB
6 KB 83ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 15:06:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF73 124 KB
38 KB 93ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 15:12:57 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame EF73 28 KB
12 KB 80ms
35ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 11:03:55 GMT

GET
H2 200 data=65US9ZPSxMTDDqPh5mt0kBx-9B4KB1crJH_i4aQGtQZciIaQ19KwUcIhKmh8yU42Cn8bOGov2B3VNtV0mOMD7pss1Gw-mjgQZxHeUsxBw0cqqwLLFeufrwcXNzY5oQk
mts0.google.com/vt/ Frame EF73 32 KB
33 KB 152ms
45ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=65US9ZPSxMTDDqPh5mt0kBx-9B4KB1crJH_i4aQGtQZciIaQ19KwUcIhKmh8yU42Cn8bOGov2B3VNtV0mOMD7pss1Gw-mjgQZxHeUsxBw0cqqwLLFeufrwcXNzY5oQk

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6cff0a2d98662893fc36818707bcbf93a5c6e7468abb96622c290465ad34210d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
age: 0
date: Sat, 26 Feb 2022 15:12:57 GMT
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33033
x-xss-protection: 0
x-server-version-bin: CggIBBDkhN2QBg==
server: scaffolding on HTTPServer2
etag: 0910ad0aba1c6f5f8
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2328
expires: Sat, 26 Feb 2022 15:51:45 GMT

GET
DATA 200
OK truncated
/ Frame EF73 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EF73 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE9A 1 KB
749 B 35ms
34ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 26 Feb 2022 05:53:44 GMT
expires: Sun, 27 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 33553
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EF73 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02e79388cf1cdfc62e53705da40482f9f76652804680d343c301e4d19d2037b3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame EF73 28 KB
28 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f389e83ac014e726db63d9ce25e782501ef88fb2699edead3cc9a0cb6373fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:09:29 GMT
x-content-type-options: nosniff
age: 335008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28260
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:55:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:09:29 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EE9A 0
104 B 137ms
54ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELIeLcq8LE2YNACMSj_c6Zo&google_cver=1&google_push=AYg5qPLyNNwPjlSKo-EAUdVq1Iez0m49cA1gk2ICofdbvqu9-6sY_-2HhRGLj3OxZYOGG9oVOB4_Zh1QTLPcyIlHbX_OGOzV-JI
Requested by: Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 15:12:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EE9A 0
173 B 90ms
34ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH__XunJQRgK8_dJrZRHEms&google_cver=1&google_push=AYg5qPJdLbhFtNjNk49IK-8I_6HMTFduuv7j1XGMEjYp3qSe5c3cM5I0bpEarVBq7yEkR0eJzDaKSFzDl1x2T-DGUCsyT55ncl4V
Requested by: Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame EE9A 14 B
14 B 421ms
96ms Image
text/plain 54.156.164.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESELEcohg8CPi2CvvO3Tblns8&google_cver=1&google_push=AYg5qPJimPcCsmL8dfi6Q0D0hrJ-UGSVV6Qv-TS_LSwjHg9YDPVL9mqJa4I2UAH1aA0bsrZz28EehzpA6Ic2wDwIEW7pbSyQZV4u
Requested by: Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.164.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-164-26.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET

pixel
cm.g.doubleclick.net/ Frame EE9A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame EE9A
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEGJtR9Oc0FXE5Ba5TRwEmp8&google_cver=1&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn

0
0

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame EE9A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGJtR9Oc0FXE5Ba5TRwEmp8&google_cver=1&google_push=AYg5qPJ2hOdTgKJ1X4eINaXihcxh7YjIUIDKC-r2u70MYyPWudBZrHgDPF-YFrtdRHg8wjRSyO0eV5lwoqZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJ2hOdTgKJ1X4eINaXihcxh7YjIUIDKC-r2u70MYyPWudBZrHgDPF-YFrtdRHg8wjRSyO0eV5lwoqZptFnusroj2eH4-a_cFg
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

35ms
35ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 26 Feb 2022 15:12:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EE9A 0
232 B 121ms
43ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KF2kz0JAZ1y34_RBArKsWoaDXckk-QWTkLA4OSnW_8T3MSuy0TNqBs9TjWe3GYJdU

Requested by

Host: 59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
URL: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 15:12:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5913 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js

Requested by

Host: m.kontrakty.ua
URL: https://m.kontrakty.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

891bbb47d2add07dd4c05d7ecd02bb2cb830225f03691961af7aa92931c20c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 26 Feb 2022 12:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 12:58:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D23B 42 B
64 B 120ms
72ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1fbIM7xj2X0-fX_lwOTP3twW-WnMMGgS80gmQCn6H0eV9afVpEmlmHghv7KGI2Lu5ZWTmYBOTtopDJQPFlJ31jyPX8Z79cbA3FD2u3O8p28XMvI3mcw&sai=AMfl-YQ-keftlGRIA302dmruxcZ5uV9jiuilraN2nQzEgvfTW_egh5h6n9FttH-PDF91aQ5GrcbuFnYiBsOM&sig=Cg0ArKJSzPZYIlhT5tY3EAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3561409151&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645888375985&rpt=925&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 15:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF73 0
0 72ms
71ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx4-beEMaYvLeJrGI9u8PlLyt-Aroso6laJ3Aq6GVD2QQASDj4LwjYLuGgIDQCqABt4TL_APIAQmpAqdKxp2TgbY-4AIAqAMBqgSZAk_Q2DvYA1UzuSFxKMRkY4wzTyMpgawXjeomGySOkDVwd1h35EN14uq8VJOjWbexGbI-5iRPGrtdfEzbFNac6pPXtTEPzkfitxJlpp7QIlj0A7G262zmDf-L0IMcwFobEEfbnnIZNi87-4wWj_su3CDOEBSZWvjVN8tH_K8Y9RMk7aaSJYuJ_kmqBmNJF1k0_3fgdr8QidHaY79CfMdb963vNIr4fLVC6fCLcbt3DLgGVzY8Qf73VsfOZXgIMRFqZuk4zHbyjtup_azili69DpZUTvQYrgXsC-grSg_ThnqYbr9mpgQcnVdojAbw460A8QeYqj3xQdEFBpdmL1xtdJMvcePCvnF-NwkfPZdO2nZoiLiqWvPTrQeRwASdxNL2ygPgBAGIBeOCw-kzkgUECAQYAZIFBAgFGASgBi7YBgKAB7H7tAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNaAI97GoBLAIAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTExODQzODcxOTQyOTE2M4AKA8gLAZgMop7Sjb8DuBODBNgTDoIUEBoObS5rb250cmFrdHkudWHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzM3OTk2OTExNjk1MDE5ORiLuhI&sigh=sZC0d4Ap04A&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF73 42 B
64 B 107ms
106ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPif9MIjG5djMC9KFj_YbjsXELWjxFRlXvjsb4vJeOwUERwixTWo4SLQfPtqVcaYKEIrnbEY1u5W0_ZgiCayAxtGSu2P1qoFYQ0ncxDUaFn4V7gnzLcYQ3SSo9akBQvi6bJSqpVaShtVAevKbmRdx3dBDGnjkMdg&sai=AMfl-YR45uywI_hta110F3901vPYzpQvzO3_agLZSbd-9kJ6CdDIFHovr0amTe1qyfcwCshuOmhvScWxs_iElqDtySCpIXW-L2DiAICg3JJYG50l0IlqrSOLi9w9-plZ&sig=Cg0ArKJSzPKkk-pQi4gjEAE&cid=CAASF-RoiUC3AHyg6IUWLj3_k8pKuFlKcsJa&id=lidar2&mcvt=1001&p=900,640,1150,960&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&app=0&itpl=22&adk=1365402155&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1645888376938&rpt=405&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 15:12:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
532 B 36ms
35ms XHR
application/json 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=c173b298-0a28-425a-b535-1f583e203d71

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

654ad09dc5b24b1f579d3fb98a5cf9dffbb9ef20c920350ed26307b34822eab6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.kontrakty.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 26 Feb 2022 15:12:59 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://m.kontrakty.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=25
X-XSS-Protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kremlin.ru
URL: https://kremlin.ru/?rnd=16458883760761

Domain: en.kremlin.ru
URL: https://en.kremlin.ru/?rnd=16458883760761

Domain: www.1tv.ru
URL: https://www.1tv.ru/?rnd=16458883760761

Domain: www.vesti.ru
URL: https://www.vesti.ru/?rnd=16458883760761

Domain: online.sberbank.ru
URL: https://online.sberbank.ru/?rnd=16458883760761

Domain: sberbank.ru
URL: https://sberbank.ru/?rnd=16458883760761

Domain: zakupki.gov.ru
URL: https://zakupki.gov.ru/?rnd=16458883760761

Domain: ria.ru
URL: https://ria.ru/lenta/?rnd=16458883760782

Domain: kremlin.ru
URL: https://kremlin.ru/?rnd=16458883760782

Domain: en.kremlin.ru
URL: https://en.kremlin.ru/?rnd=16458883760782

Domain: www.1tv.ru
URL: https://www.1tv.ru/?rnd=16458883760782

Domain: www.vesti.ru
URL: https://www.vesti.ru/?rnd=16458883760782

Domain: online.sberbank.ru
URL: https://online.sberbank.ru/?rnd=16458883760782

Domain: sberbank.ru
URL: https://sberbank.ru/?rnd=16458883760782

Domain: zakupki.gov.ru
URL: https://zakupki.gov.ru/?rnd=16458883760782

Domain: ria.ru
URL: https://ria.ru/?rnd=16458883760783

Domain: ria.ru
URL: https://ria.ru/lenta/?rnd=16458883760783

Domain: kremlin.ru
URL: https://kremlin.ru/?rnd=16458883760783

Domain: en.kremlin.ru
URL: https://en.kremlin.ru/?rnd=16458883760783

Domain: m.tvzvezda.ru
URL: https://m.tvzvezda.ru/?rnd=16458883760783

Domain: www.1tv.ru
URL: https://www.1tv.ru/?rnd=16458883760783

Domain: www.vesti.ru
URL: https://www.vesti.ru/?rnd=16458883760783

Domain: online.sberbank.ru
URL: https://online.sberbank.ru/?rnd=16458883760783

Domain: sberbank.ru
URL: https://sberbank.ru/?rnd=16458883760783

Domain: zakupki.gov.ru
URL: https://zakupki.gov.ru/?rnd=16458883760783

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.kontrakty.ua/	1969-12-31 23:59:59	Name: Value: store.test
m.kontrakty.ua/	1970-01-20 01:54:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.admixer.net/	1970-01-20 03:21:04	Name: am-uid Value: 7bfd5eb1bb114a31ab0f3353c7cec057
.vsoloviev.ru/	1970-01-20 09:57:04	Name: __ddgid Value: NcjhXkTxWnTBUQds
.vsoloviev.ru/	1970-01-20 01:12:54	Name: __ddgmark Value: PlCpIoWoJ8AkclMo
.vsoloviev.ru/	1970-01-20 01:11:39	Name: __ddg5 Value: DvLbUcMoDepXuHD0
.doubleclick.net/	1970-01-20 10:33:04	Name: IDE Value: AHWqTUnJW0nv-UVkIgKvLGnY0IDHakp-HsAdo7yhqWWf1DHn_eZl9Cfbn2SaSPFN4u0
.kontrakty.ua/	1970-01-20 10:33:04	Name: __gads Value: ID=d896fe34161db73e:T=1645888375:S=ALNI_Maq35E9tIEeWY-0LLh8vCLkPEi1ug
.blismedia.com/	1970-01-20 09:57:08	Name: b Value: 621A43795B38216663AC0F1DBLIS
.casalemedia.com/	1970-01-20 09:57:04	Name: CMID Value: YhpDeXgGN8L2fZ.ugJux7AAA
.casalemedia.com/	1970-01-20 03:21:04	Name: CMPS Value: 693
.casalemedia.com/	1970-01-20 03:21:04	Name: CMPRO Value: 1878
.casalemedia.com/	1970-01-20 01:12:54	Name: CMST Value: YhpDeWIaQ3kA
smotrim.ru/	1970-01-25 20:05:16	Name: ngx_uid Value: wKgcDGIaQ3ozGiZ1CTQbAg==
m.kontrakty.ua/	1970-01-20 01:54:40	Name: admixerId Value: 7bfd5eb1bb114a31ab0f3353c7cec057
.vsoloviev.ru/	1970-01-20 01:12:54	Name: __ddg3 Value: POEkLIivtmmHIpdy

30 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://kremlin.ru/?rnd=16458883760761'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://en.kremlin.ru/?rnd=16458883760761'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://kremlin.ru/?rnd=16458883760782'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://en.kremlin.ru/?rnd=16458883760782'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://kremlin.ru/?rnd=16458883760783'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.kontrakty.ua/ Message: Mixed Content: The page at 'https://m.kontrakty.ua/' was loaded over HTTPS, but requested an insecure element 'http://en.kremlin.ru/?rnd=16458883760783'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://golospravdy.eu/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://from-ua.com/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://www.interfax.ru/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://vsoloviev.ru/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESELEcohg8CPi2CvvO3Tblns8&google_cver=1&google_push=AYg5qPJimPcCsmL8dfi6Q0D0hrJ-UGSVV6Qv-TS_LSwjHg9YDPVL9mqJa4I2UAH1aA0bsrZz28EehzpA6Ic2wDwIEW7pbSyQZV4u Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://smotrim.ru/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 503 (Service Temporarily Unavailable)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKbHOaVv-fd4mtySJPdI1iMvBnLhdGfor4UIPDiEACz2piFWyhULQjG5Qr10_4EZA6rnIgsG5GuVhd27mkabIwzZLEsJCGn Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YhpDeXgGN8L2fZ-ugJux7AAAB1YAAAAB&google_gid=CAESELY6DLtEfB-w6dvvl3EvLbU&google_cver=1&google_push=AYg5qPJ466g2kxVFxOtJmZd_ICs1rkIR36KD-G1dJpN9cLih_7Sd2nQOztv3wbthWwPAQYpcCcU8MeAlKg8QlZEkKdy1B4UP4vgg Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://www.vesti.ru/?rnd=16458883760761 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://from-ua.com/?rnd=16458883760782 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://golospravdy.eu/?rnd=16458883760782 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.interfax.ru/?rnd=16458883760782 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://golospravdy.eu/?rnd=16458883760783 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://vsoloviev.ru/?rnd=16458883760783 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://vsoloviev.ru/?rnd=16458883760782 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://from-ua.com/?rnd=16458883760783 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://www.interfax.ru/?rnd=16458883760783 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://smotrim.ru/?rnd=16458883760782 Message: Failed to load resource: the server responded with a status of 503 (Service Temporarily Unavailable)
network	error	URL: https://smotrim.ru/?rnd=16458883760783 Message: Failed to load resource: the server responded with a status of 503 (Service Temporarily Unavailable)
network	error	URL: https://ria.ru/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://ria.ru/lenta/?rnd=16458883760761 Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://www.vesti.ru/?rnd=16458883760782 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://www.vesti.ru/?rnd=16458883760783 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://en.kremlin.ru/?rnd=16458883760761 Message: Failed to load resource: net::ERR_TIMED_OUT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59ac7a0ffae680ce880645b5021d0d3b.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
cdn.admixer.net
cm.g.doubleclick.net
data.kontrakty.ua
dclk-match.dotomi.com
en.kremlin.ru
fonts.googleapis.com
fonts.gstatic.com
from-ua.com
golospravdy.eu
googleads.g.doubleclick.net
inv-nets.admixer.net
kontrakty.ua
kremlin.ru
lenta.ru
m.kontrakty.ua
m.lenta.ru
m.tvzvezda.ru
mts0.google.com
onetag-sys.com
online.sberbank.ru
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-inv-eu.admixer.net
ria.ru
sberbank.ru
securepubads.g.doubleclick.net
smotrim.ru
sync.adaptv.advertising.com
tass.ru
tpc.googlesyndication.com
tr.blismedia.com
tvzvezda.ru
vsoloviev.ru
www.1tv.ru
www.googletagservices.com
www.gstatic.com
www.interfax.ru
www.rbc.ru
www.rt.com
www.vesti.ru
zakupki.gov.ru
cm.g.doubleclick.net
en.kremlin.ru
kremlin.ru
m.tvzvezda.ru
online.sberbank.ru
ria.ru
sberbank.ru
www.1tv.ru
www.vesti.ru
zakupki.gov.ru
142.250.184.226
146.0.227.109
161.35.18.52
172.217.23.98
178.248.233.231
178.248.233.32
178.248.234.119
178.248.234.76
178.248.235.122
186.2.163.126
2604:9a00:2100:a017::170
2606:4700:20::ac43:458f
2606:4700:3108::ac42:2afa
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:830::200a
2a02:fa8:8806:16::1370
2a03:90c0:41:2801::254
34.96.105.8
51.75.86.98
54.156.164.26
80.247.32.208
82.202.190.240
00071a0992c715ec565c22d5618faed9c40bfa4d02a33fcac4f228b2d597f655
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00dd96081977e3c4392669bd136716d853546208a5259586111293d312b6596f
02e79388cf1cdfc62e53705da40482f9f76652804680d343c301e4d19d2037b3
030e691c53fe50cc2032d4aba8946332eec105229b04dd7e1a6a2549c7f5590f
037ddba9de32cd2e9361db1595197d8efa72d43c56754acdc92448ca267ef7de
06b36cf6d996895ec58d20d71d424c0d056fd1b6dfe7678fecbcd4a89e4d9363
0933f8df7b47dc2e7197415f47a6d595a4d157d847622e7465325778004a8e7c
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
1b634ddda5dfa7f66b67e4fe703073c46d3d7cf50f8cb5cb9e326f9baae08ea0
2a25e6ed978495951ec59abf38475d23474be3a4761940c536f2dce8352f00a4
2a58d2b27c2d2b801dcd06e547f942ba174fce5f2f0621abd2e31ca45cad79aa
2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074
2f389e83ac014e726db63d9ce25e782501ef88fb2699edead3cc9a0cb6373fce
30f02a29bac64ba7e391c727821cb4423e834d38c042799059ad8f4918e453b3
32310c9f572cf6cb69f1543996d9a299170f634fde6218442c408c7871d6affe
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
407930060b7c2f0eec1a5e47d76252f839301a9e58aa92c12784fdb3e259f0ca
4228774a5c28f8b4625ad77fbe9bd484979ec75bdbb57f1339802dc0388a16a7
42440475dee1db5ffb081e8ee8323e11659e1037740a35743a26329334971451
4eae4f2e453ea09fd58fcc921cffd417c6c7bcd21e28b940680605e90b6754aa
5aee81a1651efdd0e8e59dd7ae8be679097625ff409f7b453a313fee98c4bb74
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
654ad09dc5b24b1f579d3fb98a5cf9dffbb9ef20c920350ed26307b34822eab6
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a0a288dbdecaf9e6a38e6e0c29115b0989d29b10294833bff5b5879fd80eb60
6cff0a2d98662893fc36818707bcbf93a5c6e7468abb96622c290465ad34210d
7292bcf4720de79b8558c82ba3fbd592652e3d686cb3e58a1e5f7a77ee8ebacb
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
891bbb47d2add07dd4c05d7ecd02bb2cb830225f03691961af7aa92931c20c86
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d4ae1cf6ab7adc95886741318f58bfb74e3db89de06838125e54e7710bbeebf
913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a11958ef48b56127be9f7502a09b1256f443ff61b3443f54f65d62c0b99ec491
a465f215b29b9cb19ab1b57daa53d47c51dff65079002ae665936f0df420db56
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7fc43568d7f616049a321e68d3206d814ae915ced002a56a8b52450c5c262c1
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c2907d59f3f82d0c45c8217536b9e91365cee0b10ca01ccdf716db40bf81a01e
c4545ea775b4d568be77c65ae999a56d7a3d62f832427801973bfed3dc9d814c
c752817d54c6369cf49972be2cf117e9cd1d2ddb8e3ba056f1d9c529f5ea50b4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cc57a2277ce5318c567047623888b60d09b10ced1600c9875f58464678a079dd
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
d68f896be68bb5972f012d486c76af780945334a7f6662064a5879075eb1adef
db8533966ea08de80f74a636022baf39c27c2369218367c50514b4417a87b8a9
dde36d3393648e3fd9d0986e22681aa33e1d5070a50e5e2a0d01f9092f9bab71
e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67d6e5346c9f9990ce390990a5f00cf48facf941df6bfab6c710fa8585a53cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cdc84bef65eff8fcefaa6dc752ee7686bfd1da812eb27cf194305ea4d00fce
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
fa9daa474e1cc9336a50452b90842a7a0731361320a2c9bc7ba1b270afbfb279

m.kontrakty.ua Open in urlscan Pro 161.35.18.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

76 %HTTPS

50 %IPv6

30 Domains

44 Subdomains

31 IPs

7 Countries

844 kBTransfer

2210 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.kontrakty.ua Open in urlscan Pro
161.35.18.52 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

76 %
HTTPS

50 %
IPv6

30
Domains

44
Subdomains

31
IPs

7
Countries

844 kB
Transfer

2210 kB
Size

16
Cookies

138 HTTP transactions
4 data transactions